valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[Fix #1367] Disable user-controlled FIFO reads

Browse Source
This commit is contained in:
Teddy Reed 2015-07-22 10:15:39 -07:00
parent ca09fdb9f8
commit ad94eaf0b8
2 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
osquery/filesystem/filesystem.cpp
View File

@ -72,6 +72,8 @@ Status readFile(const fs::path& path, std::string& content, bool dry_run) {
if (stat(path.string().c_str(), &file) < 0) {
return Status(1, "Cannot access path: " + path.string());
} else if (file.st_uid != 0 && S_ISFIFO(file.st_mode)) {
return Status(1, "User FIFO reads are disabled");
}
// Apply the max byte-read based on file/link target ownership.

7
osquery/tables/utility/file.cpp
View File

@ -71,10 +71,6 @@ QueryData genFile(QueryContext& context) {
auto paths = context.constraints["path"].getAll(EQUALS);
for (const auto& path_string : paths) {
if (!isReadable(path_string)) {
continue;
}
fs::path path = path_string;
genFileInfo(path_string,
path.filename().string(),
@ -120,9 +116,6 @@ QueryData genFile(QueryContext& context) {
}
for (const auto& resolved : expanded_patterns) {
if (!isReadable(resolved)) {
continue;
}
fs::path path = resolved;
genFileInfo(resolved,
path.filename().string(),