Try resolving jail path with realpath(3).

jail(8) does a chdir(2) to the given path argument. Kernel evaluates the jail path from the new cwd and not from the original cwd, which leads to undesired behavior if given a relative path. Reviewed by: jamie MFC after: 2 weeks
svn path=/head/; revision=230495
2012-01-24 08:04:38 +00:00 · 2012-01-24 08:04:38 +00:00 · d637f5bf9a · 2020-12-20 02:59:44 +00:00
commit d637f5bf9a
parent e0f1891c48
1 changed files with 8 additions and 2 deletions
--- a/usr.sbin/jail/jail.c
+++ b/usr.sbin/jail/jail.c
@ -508,6 +508,7 @@ static void
 set_param(const char *name, char *value)
 {
 	struct jailparam *param;
+	char path[PATH_MAX];
 	int i;

 	static int paramlistsize;
@ -520,8 +521,13 @@ set_param(const char *name, char *value)
 	}

 	/* jail_set won't chdir along with its chroot, so do it here. */
-	if (!strcmp(name, "path") && chdir(value) < 0)
-		err(1, "chdir: %s", value);
+	if (!strcmp(name, "path")) {
+		/* resolve the path with realpath(3) */
+		if (realpath(value, path) != NULL)
+			value = path;
+		if (chdir(value) < 0)
+			err(1, "chdir: %s", value);
+	}

 	/* Check for repeat parameters */
 	for (i = 0; i < nparams; i++)