nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-23 20:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'sandbox-bwauth' into 'main'

Browse Source 
fix sandbox for bandwidth authority

Closes #40933

See merge request tpo/core/tor!821
This commit is contained in:
David Goulet 2024-06-18 13:10:19 +00:00
commit 7ce17c6c40
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changes/bug40933 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (sandbox, bwauth):
- Fix sandbox to work for bandwidth authority. Fixes bug 40933; bugfix on
0.2.2.1-alpha

5
src/app/main/main.c
View File

@ -926,6 +926,11 @@ sandbox_init_filter(void)
OPEN_DATADIR("approved-routers"); OPEN_DATADIR("approved-routers");
OPEN_DATADIR_SUFFIX("my-consensus-microdesc", ".tmp"); OPEN_DATADIR_SUFFIX("my-consensus-microdesc", ".tmp");
OPEN_DATADIR_SUFFIX("my-consensus-ns", ".tmp"); OPEN_DATADIR_SUFFIX("my-consensus-ns", ".tmp");
if (options->V3BandwidthsFile) {
log_notice(LD_GENERAL, "Adding V3BandwidthsFile %s to sandboxing set.",
options->V3BandwidthsFile);
OPEN(options->V3BandwidthsFile);
}
} }
if (options->ServerDNSResolvConfFile) if (options->ServerDNSResolvConfFile)

3
src/lib/fs/files.c
View File

@ -85,7 +85,8 @@ tor_open_cloexec(const char *path, int flags, unsigned mode)
FILE * FILE *
tor_fopen_cloexec(const char *path, const char *mode) tor_fopen_cloexec(const char *path, const char *mode)
{ {
FILE *result = fopen(path, mode); const char *p = sandbox_intern_string(path);
FILE *result = fopen(p, mode);
#ifdef FD_CLOEXEC #ifdef FD_CLOEXEC
if (result != NULL) { if (result != NULL) {
if (fcntl(fileno(result), F_SETFD, FD_CLOEXEC) == -1) { if (fcntl(fileno(result), F_SETFD, FD_CLOEXEC) == -1) {