Kernel: Enforce file system veil on file creation

Fixes #1621.
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/54cb1e36b6b
2024-12-29 14:14:45 +03:00 · 2020-04-04 16:40:36 +02:00 · 2020-04-04 16:40:36 +02:00 · 54cb1e36b6 · 2024-07-19 07:56:17 +09:00
commit 54cb1e36b6
parent 2944039d6b
1 changed files with 4 additions and 0 deletions
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@ -305,6 +305,10 @@ KResult VFS::mknod(StringView path, mode_t mode, dev_t dev, Custody& base)

 KResultOr<NonnullRefPtr<FileDescription>> VFS::create(StringView path, int options, mode_t mode, Custody& parent_custody, Optional<UidAndGid> owner)
 {
+    auto result = validate_path_against_process_veil(path, options);
+    if (result.is_error())
+        return result;
+
    if (!is_socket(mode) && !is_fifo(mode) && !is_block_device(mode) && !is_character_device(mode)) {
        // Turn it into a regular file. (This feels rather hackish.)
        mode |= 0100000;