Qubes component: core-agent-linux
Go to file
Marek Marczykowski-Górecki 4a732564fa filecopy: prevent files/dirs movement outside incoming directory during transfer
Otherwise, when the user moves directory, which is still in transfer,
somewhere else, it could allow malicious source domain to escape chroot
and place a file in arbitrary location.

It looks like bind mount is just enough - simple rename fails with
EXDEV, so tools are forced to perform copy+delete, which is enough to
keep unpacker process away from new file location.

One inconvenient detail is that we must clean the mount after transfer
finishes, so root perms cannot be dropped completely. We keep separate
process for only that reason.
2015-01-13 18:34:36 +01:00
archlinux fc21: iptables configurations conflict with fc21 yum package manager 2014-12-28 03:02:27 -05:00
debian version 2.1.48 2015-01-12 21:12:36 +01:00
doc Fix formating 2014-05-25 00:55:51 +02:00
misc fedora: Add security-testing repo definition 2015-01-12 21:12:06 +01:00
network network: fix NM config preparation 2014-12-22 00:04:16 +01:00
pkgs archlinux: created build scripts 2013-04-17 01:22:32 +02:00
qrexec qrexec: fix loop bounds 2014-07-26 02:14:56 +02:00
qubes-rpc filecopy: prevent files/dirs movement outside incoming directory during transfer 2015-01-13 18:34:36 +01:00
rpm_spec fc21: iptables configurations conflict with fc21 yum package manager 2014-12-28 03:02:27 -05:00
vm-init.d Fix disabling nm-applet when NM is disabled 2014-11-30 16:43:11 +01:00
vm-systemd Fix disabling nm-applet when NM is disabled 2014-11-30 16:43:11 +01:00
.gitignore gitignore: fix binary packages declaration 2014-07-27 06:11:14 +02:00
LICENSE Added LICENSE 2010-04-05 21:21:27 +02:00
Makefile fc21: Remove left-over code comment 2014-12-28 03:05:37 -05:00
Makefile.builder Initial debian packaging 2014-07-23 05:13:32 +02:00
version version 2.1.48 2015-01-12 21:12:36 +01:00