From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 7D597138454 for ; Fri, 11 Sep 2015 07:53:54 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 58AA821C039; Fri, 11 Sep 2015 07:53:32 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B5B38E086F for ; Fri, 11 Sep 2015 07:53:29 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 0B33B340A60 for ; Fri, 11 Sep 2015 07:53:29 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id B3CE9182 for ; Fri, 11 Sep 2015 07:53:27 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1361768237.d6af3ad271c3893419962059092eea29ffb4f507.vapier@gentoo> Subject: [gentoo-commits] proj/sandbox:master commit in: src/ X-VCS-Repository: proj/sandbox X-VCS-Files: src/sandbox.c X-VCS-Directories: src/ X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: d6af3ad271c3893419962059092eea29ffb4f507 X-VCS-Branch: master Date: Fri, 11 Sep 2015 07:53:27 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 7323e513-79b2-42bf-a52d-a6af2d13731b X-Archives-Hash: 12256338740f728adf244118ea170e00 commit: d6af3ad271c3893419962059092eea29ffb4f507 Author: Mike Frysinger gentoo org> AuthorDate: Mon Feb 25 04:57:17 2013 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Mon Feb 25 04:57:17 2013 +0000 URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=d6af3ad2 sandbox: do not resolve target of stderr The recent e12fee192ac8b0343a468e5a8f7811a7b029ff9a commit does not handle things when stderr is connected to a real file (e.g. a pipe or a socket or fifo or ...). It also does not play well to have multiple things writing to the same file through different fds. Signed-off-by: Mike Frysinger gentoo.org> src/sandbox.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/sandbox.c b/src/sandbox.c index 51f2d95..3783bca 100644 --- a/src/sandbox.c +++ b/src/sandbox.c @@ -82,15 +82,18 @@ static int setup_sandbox(struct sandbox_info_t *sandbox_info, bool interactive) } /* Generate sandbox message path -- this process's stderr */ - char path[SB_PATH_MAX]; - sprintf(path, "%s/2", sb_get_fd_dir()); - if (realpath(path, sandbox_info->sandbox_message_path) == NULL) { - sb_pwarn("could not read stderr path: %s", path); + const char *fdpath = sb_get_fd_dir(); + if (realpath(fdpath, sandbox_info->sandbox_message_path) == NULL) { + sb_pwarn("could not read fd path: %s", fdpath); if (realpath(sbio_fallback_path, sandbox_info->sandbox_message_path)) { sb_pwarn("could not read stderr path: %s", sbio_fallback_path); /* fuck it */ strcpy(sandbox_info->sandbox_message_path, sbio_fallback_path); } + } else { + /* Do not resolve the target of stderr because it could be something + * that doesn't exist on the fs. Like a pipe (`tee` and such). */ + strcat(sandbox_info->sandbox_message_path, "/2"); } return 0;