author | Ikey Doherty <[email protected]> | 2017-07-20 08:16:37 +0100 |
---|---|---|
committer | lukefromdc <[email protected]> | 2017-08-22 01:51:22 -0400 |
commit | 61fa153540c2931cbd7afe62752326d63b63b819 (patch) | |
tree | ca087a7c2f27b64379cee9097c416ff58ab56400 | |
parent | ac12e6d16f4a51b3327d013781e72cfec17f3624 (diff) | |
private: Ensure we allow launching .desktop files from trusted symlinks
When a file is a symlink to one of the XDG data dirs, we'll allow that
link to work, as they're vendor provided and not world-writeable by a
malicious entity.
This lookup is handled by the "is_system_dir" logic, to ensure that whatever
the .desktop symlink is pointing at is already implicitly whitelisted. This
allows for vendor provided "default" symlinks within user directories,
such as installer shortcuts for LiveCDs, etc.
Signed-off-by: Ikey Doherty <[email protected]>
-rw-r--r-- | libcaja-private/caja-directory-async.c | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/libcaja-private/caja-directory-async.c b/libcaja-private/caja-directory-async.c
index d003eb23..069f5523 100644
--- a/libcaja-private/caja-directory-async.c
+++ b/libcaja-private/caja-directory-async.c
@@ -3802,6 +3802,43 @@ file_info_start (CajaDirectory *directory,
 g_object_unref (location);
 }
+static gboolean is_trusted_system_desktop_file (GFile *file)
+{
+ gboolean res = FALSE;
+ GFileInfo *info;
+ const gchar *target = NULL;
+ GFile *location = NULL;
+
+ info = g_file_query_info (file,
+ G_FILE_ATTRIBUTE_STANDARD_TYPE ","
+ G_FILE_ATTRIBUTE_STANDARD_SYMLINK_TARGET,
+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS,
+ NULL,
+ NULL);
+
+ if (info == NULL)
+ {
+ return FALSE;
+ }
+
+ target = g_file_info_get_symlink_target (info);
+ if (!target) {
+ goto done;
+ }
+
+ location = g_file_new_for_path (target);
+
+ res = caja_is_in_system_dir (location);
+
+done:
+ if (location) {
+ g_object_unref (location);
+ }
+ g_object_unref (info);
+
+ return res;
+}
+
 static gboolean
 is_link_trusted (CajaFile *file,
 gboolean is_launcher)
@@ -3825,6 +3862,11 @@ is_link_trusted (CajaFile *file,
 {
 location = caja_file_get_location (file);
 res = caja_is_in_system_dir (location);
+
+ if (!res) {
+ res = is_trusted_system_desktop_file (location);
+ }
+
 g_object_unref (location);
 } |
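Review bot: In is_trusted_system_desktop_file the string returned by g_file_info_get_symlink_target is handed straight to g_file_new_for_path, so a relative link target is resolved against the process's working directory rather than the directory that holds the link. The path that caja_is_in_system_dir approves may then not be the file the link really points to. Resolve the target against the link's parent instead: `parent = g_file_get_parent (file);` followed by `location = g_file_resolve_relative_path (parent, target);`, then unref parent. For local files an absolute target passes through unchanged. Separately, G_FILE_ATTRIBUTE_STANDARD_TYPE is requested but never read, and the NULL GError makes a failed query look the same as "not a symlink"; either use them or add a comment such as `/* any query failure is treated as untrusted */`.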
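Review bot: The fallback added to is_link_trusted runs for every location that is not itself in a system directory, with no check that the location is a local file. If caja_file_get_location can return a non-native GFile (not visible here; the function starts and ends outside the hunk), the helper would read a symlink target from the remote filesystem and then test that string as a local path, which could grant trust to a file the local vendor never shipped. Gating the call, e.g. `if (!res && g_file_is_native (location)) {`, closes that gap. It also avoids a synchronous g_file_query_info with no cancellable on a slow mount. A short comment above the block, such as `/* trust is based on the link's immediate target only */`, would record the assumption for later readers.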