diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2018-05-18 06:29:26 +0200 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2018-05-18 06:30:21 +0200 |
| commit | 8994a11790dc9bf91cdd94f5f90db0c3faaa23bf (patch) | |
| tree | 7f977f9b843e7ad84c0c2565e8cbfb7ba1b805b9 /src/core/dbus-execute.c | |
| parent | tmpfiles: create /var/{lib,log,cache}/private during early boot (diff) | |
| download | systemd-8994a11790dc9bf91cdd94f5f90db0c3faaa23bf.tar.xz systemd-8994a11790dc9bf91cdd94f5f90db0c3faaa23bf.zip | |
core: refuse StateDirectory=private
Follow-up for e8865688735ba3bd34297fa89cca6bde7ba33997 (#9021).
Diffstat (limited to 'src/core/dbus-execute.c')
| -rw-r--r-- | src/core/dbus-execute.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 3b1c77e967..fe9701b33d 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -2139,8 +2139,14 @@ int bus_exec_context_set_transient_property( return r; STRV_FOREACH(p, l) { - if (!path_is_normalized(*p) || path_is_absolute(*p)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not valid: %s", name, *p); + if (!path_is_normalized(*p)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not normalized: %s", name, *p); + + if (path_is_absolute(*p)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is absolute: %s", name, *p); + + if (path_startswith(*p, "private")) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path can't be 'private': %s", name, *p); } if (!UNIT_WRITE_FLAGS_NOOP(flags)) { |