Restrict zpool iostat/status -c to search path
zpool iostat/status -c is supposed to be restricted by its search path, but currently isn't. To prevent arbitrary scripts from being executed, disallow '/' from commands. Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: George Melikov <mail@gmelikov.ru> Reviewed-by: Ned Bass <bass6@llnl.gov> Signed-off-by: Giuseppe Di Natale <dinatale2@llnl.gov> Closes #6353 Closes #6359
This commit is contained in:
parent
b6e5c40382
commit
d6bcf7ff5e
@ -565,6 +565,9 @@ vdev_run_cmd_thread(void *cb_cmd_data)
|
||||
char *dir = NULL, *sp, *sprest;
|
||||
char fullpath[MAXPATHLEN];
|
||||
|
||||
if (strchr(cmd, '/') != NULL)
|
||||
continue;
|
||||
|
||||
sp = zpool_get_cmd_search_path();
|
||||
if (sp == NULL)
|
||||
continue;
|
||||
|
@ -1464,7 +1464,8 @@ output. Users can run any script found in their
|
||||
.Pa ~/.zpool.d
|
||||
directory or from the system
|
||||
.Pa /etc/zfs/zpool.d
|
||||
directory. The default search path can be overridden by setting the
|
||||
directory. Script names containing the slash (/) character are not allowed.
|
||||
The default search path can be overridden by setting the
|
||||
ZPOOL_SCRIPTS_PATH environment variable. A privileged user can run
|
||||
.Fl c
|
||||
if they have the ZPOOL_SCRIPTS_AS_ROOT
|
||||
|
Loading…
Reference in New Issue
Block a user