From cceeb1def62ef78fed802684e9500cfa1aefa6b3 Mon Sep 17 00:00:00 2001
From: Stephen Smalley
Date: Wed, 13 May 2026 10:30:20 -0400
Subject: [PATCH] sandbox/seunshare: verify RUNTIME_DIR before use
Content-type: text/plain

RUNTIME_DIR can be inherited from XDG_RUNTIME_DIR or set to a default path. Regardless, we should verify it the same way as the other user-supplied directories before first use.

Signed-off-by: Stephen Smalley
---
 sandbox/seunshare.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c
index 945a3b21c1cc..89180d0aa1ed 100644
--- a/sandbox/seunshare.c
+++ b/sandbox/seunshare.c
@@ -964,6 +964,15 @@ int main(int argc, char **argv) {
 }
 }

+ if (runuserdir_s) {
+ struct stat sb;
+
+ if (verify_directory(RUNTIME_DIR, NULL, &sb) < 0 ||
+ check_owner_uid(uid, RUNTIME_DIR, &sb) < 0)
+ goto childerr;
+
+ }
+
 if ((XDG_SESSION_TYPE = getenv("XDG_SESSION_TYPE")) != NULL) {
 if ((XDG_SESSION_TYPE = strdup(XDG_SESSION_TYPE)) == NULL) {
 perror(_("Out of memory"));
--
2.54.0
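Review bot: The stat captured in `sb` is scoped to this block and discarded once the check passes, so this is a one-time check on a path and nothing later can confirm that RUNTIME_DIR is still the same directory when it is actually used. If the other user-supplied directories keep their stat buffer and hand it back to `verify_directory` as the second argument at the point of use (the `NULL` passed here suggests that parameter exists for such a comparison), RUNTIME_DIR should follow the same pattern: declare the buffer at function scope and re-verify against it immediately before the first use, which narrows the window for the directory to be replaced between check and use. A short comment above the block, such as `/* RUNTIME_DIR may come from XDG_RUNTIME_DIR; verify it like the other user-supplied directories */`, would record why the check exists, and the stray blank line before the closing brace can be dropped. The rest of main, including where RUNTIME_DIR is first used, lies outside this hunk.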