From 363b9c4f4d4a142433bc9d66ab51df173bf48ae9 Mon Sep 17 00:00:00 2001
From: Olivier Blin <blino@mageia.org>
Date: Mon, 1 Nov 2010 23:05:12 +0000
Subject: check authorization for canonicalized path

---
 iurt_root_command | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'iurt_root_command')

diff --git a/iurt_root_command b/iurt_root_command
index 6f07e7d..05b6cdc 100755
--- a/iurt_root_command
+++ b/iurt_root_command
@@ -28,6 +28,7 @@ use Mkcd::Commandline qw(parseCommandLine usage);
 use MDK::Common;
 use File::NCopy qw(copy);
 use Iurt::Util qw(plog_init plog);
+use Cwd 'realpath';
 
 my $arg = @ARGV;
 my (@params, %run);
@@ -319,7 +320,10 @@ sub check_path_authorized {
 	plog('FAIL', "can't find home for $ENV{SUDO_USER}");
 	return;
     }
-    if ($path !~ /^\Q$authorized\E/) {
+
+    #- check authorization for canonicalized path (with .. and symlinks resolved)
+    my $realpath = realpath($path);
+    if ($realpath !~ /^\Q$authorized\E/) {
 	plog('FAIL', "$path forbidden");
 	return;
     }
-- 
cgit v1.2.1