Fossil

Check-in [558cef7c6d]
Login
Home Timeline Docs Branches Tickets Wiki DownloadMore...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:The g.fJail global variable should always be set whenever a chroot jail has been entered.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 558cef7c6d40932da58273d42e50b658b8689d52e872faa2d1ea6615c0d8b150
User & Date: drh 2022-09-26 12:08:41.219
Context
2022-09-26
22:29
Replaced most of the speculation in the walmode section of the containers doc with a link to the walbanger project, where we'll be answering this question. check-in: 96633067d5 user: wyoung tags: trunk
12:08
The g.fJail global variable should always be set whenever a chroot jail has been entered. check-in: 558cef7c6d user: drh tags: trunk
07:08
Cherrypick [5ade6fb863e4], inadvertently checked in on a different branch. check-in: 44c5d02932 user: stephan tags: trunk
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/file.c. 
491
492
493
494
495
496
497

498
499
500
501
502
503
504

#ifdef _WIN32
  rc = win32_chdir(zPath, bChroot);
#else
  rc = chdir(zPath);
  if( !rc && bChroot ){
    rc = chroot(zPath);
    if( !rc ) rc = chdir("/");

  }
#endif
  fossil_path_free(zPath);
  return rc;
}

/*








>








491
492
493
494
495
496
497
498
499
500
501
502
503
504
505

#ifdef _WIN32
  rc = win32_chdir(zPath, bChroot);
#else
  rc = chdir(zPath);
  if( !rc && bChroot ){
    rc = chroot(zPath);
    if( !rc ) rc = chdir("/");
    g.fJail = 1;
  }
#endif
  fossil_path_free(zPath);
  return rc;
}

/*
Changes to src/main.c. 
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523

          if( strncmp(zRepo, zDir, n)!=0 ){
            fossil_fatal("repo %s not under chroot dir %s", zRepo, zDir);
          }
          zRepo += n;
          if( *zRepo == '\0' ) zRepo = "/";
        }else {
          zRepo = "/";
          g.fJail = 1;
        }
        if( file_chdir(zDir, 1) ){
          fossil_panic("unable to chroot into %s", zDir);
        }
      }else{
        for(i=strlen(zDir)-1; i>0 && zDir[i]!='/'; i--){}
        if( zDir[i]!='/' ) fossil_fatal("bad repository name: %s", zRepo);








<








1509
1510
1511
1512
1513
1514
1515

1516
1517
1518
1519
1520
1521
1522

          if( strncmp(zRepo, zDir, n)!=0 ){
            fossil_fatal("repo %s not under chroot dir %s", zRepo, zDir);
          }
          zRepo += n;
          if( *zRepo == '\0' ) zRepo = "/";
        }else {
          zRepo = "/";

        }
        if( file_chdir(zDir, 1) ){
          fossil_panic("unable to chroot into %s", zDir);
        }
      }else{
        for(i=strlen(zDir)-1; i>0 && zDir[i]!='/'; i--){}
        if( zDir[i]!='/' ) fossil_fatal("bad repository name: %s", zRepo);
This page was generated in about 0.023s by Fossil 2.26 [1205ec86cb] 2025-04-30 16:57:32