authorsegfault <segfault@riseup.net>2019-01-06 18:29:14 +0100
committersegfault <segfault@riseup.net>2019-01-06 18:29:14 +0100
commite3fa651c6713ae6e4a88412f01a1ceaeb0f69833 (patch)
tree0fee8ca068f70e68f723b1b2cf23e479d0acbf52
parentf7ebd9b6b5c4e2f1f6359eb39012cd55705390ed (diff)
Warn if a debug file is a symlink not owned by the user (refs: #15845)15793-improve-tails-debugging-info
-rwxr-xr-xconfig/chroot_local-includes/usr/local/sbin/tails-debugging-info6
1 files changed, 5 insertions, 1 deletions
diff --git a/config/chroot_local-includes/usr/local/sbin/tails-debugging-info b/config/chroot_local-includes/usr/local/sbin/tails-debugging-info
index a0babde..be5b9c4 100755
--- a/config/chroot_local-includes/usr/local/sbin/tails-debugging-info
+++ b/config/chroot_local-includes/usr/local/sbin/tails-debugging-info
@@ -102,10 +102,14 @@ def debug_file(user, filename):
# This check is not sufficient, see the comment at the top of the file
# for the complete requirements required for security
- owner = getpwuid(os.stat(filename).st_uid).pw_name
+ owner = getpwuid(os.stat(filename, follow_symlinks=False).st_uid).pw_name
if owner != user:
return {'key': filename, 'content': '''WARNING: not opening file {}, because it is '''
'''owned by {} instead of {}'''.format(filename, owner, user)}
+ target_owner = getpwuid(os.stat(filename, follow_symlinks=True).st_uid).pw_name
+ if target_owner != user:
+ return {'key': filename, 'content': '''WARNING: not opening file {}, because it is '''
+ '''a symlink owned by {} instead of {}'''.format(filename, target_owner, user)}
file_content = []
with open(filename) as f: