diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-05-18 20:02:43 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-05-18 20:02:43 +0200 |
| commit | c55b280158a5a349adb091bf6c3600d4cf7f8020 (patch) | |
| tree | 96d9447695dab513fae3efd6a30055f4f1c85047 /src/core/dbus-execute.c | |
| parent | Merge pull request #8940 from poettering/nspawn-attrs (diff) | |
| parent | core: use free_and_replace() (diff) | |
| download | systemd-c55b280158a5a349adb091bf6c3600d4cf7f8020.tar.xz systemd-c55b280158a5a349adb091bf6c3600d4cf7f8020.zip | |
Merge pull request #9026 from yuwata/followup-9021
core: refuse StateDirectory=private
Diffstat (limited to 'src/core/dbus-execute.c')
| -rw-r--r-- | src/core/dbus-execute.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 143fca71b0..6d3cc5d35b 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -2139,8 +2139,14 @@ int bus_exec_context_set_transient_property( return r; STRV_FOREACH(p, l) { - if (!path_is_normalized(*p) || path_is_absolute(*p)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not valid: %s", name, *p); + if (!path_is_normalized(*p)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not normalized: %s", name, *p); + + if (path_is_absolute(*p)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is absolute: %s", name, *p); + + if (path_startswith(*p, "private")) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path can't be 'private': %s", name, *p); } if (!UNIT_WRITE_FLAGS_NOOP(flags)) { |