[systemd-devel] [PATCH 2/2] journalctl: add permission check on /var/log/journal
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Sun Jul 14 20:10:05 PDT 2013
On Sun, Jul 14, 2013 at 10:48:14AM -0700, Shawn Landden wrote:
> ---
> src/journal/journalctl.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
> index 5f44fce..77a5fb1 100644
> --- a/src/journal/journalctl.c
> +++ b/src/journal/journalctl.c
> @@ -748,6 +748,12 @@ static int setup_keys(void) {
> return r < 0 ? -errno : -ENOTDIR;
> }
>
> + r = access("/var/log/journal", R_OK | W_OK | X_OK);
> + if (r < 0) {
> + log_error("Insufficient permission on %s: %m", "/var/log/journal");
> + return -errno;
> + }
> +
Is is a big problem if the key is generated and wasted, becaudse it
cannot be written?
This actually checks the wrong dir. Maybe you can simply move up the
opening of the output file up, without adding an artificial check.
Zbyszek
More information about the systemd-devel
mailing list