Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
bc8a6a0a20
core-agent-linux/qubes-rpc
History
Marek Marczykowski-Górecki efc7d4d1f2 filecopy: prevent files/dirs movement outside incoming directory during transfer 
Otherwise, when the user moves directory, which is still in transfer,
somewhere else, it could allow malicious source domain to escape chroot
and place a file in arbitrary location.

It looks like bind mount is just enough - simple rename fails with
EXDEV, so tools are forced to perform copy+delete, which is enough to
keep unpacker process away from new file location.

One inconvenient detail is that we must clean the mount after transfer
finishes, so root perms cannot be dropped completely. We keep separate
process for only that reason.
2015-01-30 00:45:04 +01:00
..
.gitignore The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
dvm2.h The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
gui-fatal.c qrexec: check for setuid() error when calling zenity/kdialog 2014-09-29 21:05:32 +02:00
gui-fatal.h The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
Makefile Enable compiler optimization. 2014-04-22 00:57:36 +02:00
prepare-suspend suspend: do not disable network frontend devices 2014-10-27 15:07:06 +01:00
qfile-agent.c Fix compiler warnings. 2014-04-22 00:56:52 +02:00
qfile-unpacker.c filecopy: prevent files/dirs movement outside incoming directory during transfer 2015-01-30 00:45:04 +01:00
qfile-utils.c Fix compiler warnings. 2014-04-22 00:56:52 +02:00
qfile-utils.h core-agent-linux: misc const/void fixups 2014-01-06 17:57:42 +01:00
qopen-in-vm.c Fix compiler warnings. 2014-04-22 00:56:52 +02:00
qrun-in-vm The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.Backup backups: fix timestamp in backup filename (once again...) 2014-02-02 13:36:59 +01:00
qubes.DetachPciDevice Add qubes.DetachPciDevice for live PCI detach (#708) 2013-09-01 01:28:07 +02:00
qubes.Filecopy The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.Filecopy.policy The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.GetAppmenus Improve handling of .desktop files 2014-10-27 12:25:45 +01:00
qubes.GetImageRGBA qubes.GetImageRGBA: bugfixes 2014-02-04 00:36:30 +01:00
qubes.OpenInVM The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.OpenInVM.policy The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.Restore minor whitespace fix 2013-11-24 04:45:36 +01:00
qubes.SelectDirectory qubes-rpc: introduce services for browsing VM filesystem 2014-01-13 05:07:23 +01:00
qubes.SelectFile qubes-rpc: introduce services for browsing VM filesystem 2014-01-13 05:07:23 +01:00
qubes.SetDateTime Introduce qubes.SetDateTime service for time synchronization 2014-10-01 05:40:23 +02:00
qubes.SuspendPost The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.SuspendPre The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.SyncNtpClock The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.VMShell The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.VMShell.policy The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qubes.WaitForSession Hide errors from qubes.WaitForSession 2013-12-15 05:36:43 +01:00
qvm-copy-gnome.desktop The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qvm-copy-to-vm qvm-copy-to-vm: implement --ignore-symlinks option 2013-08-14 22:12:46 +02:00
qvm-copy-to-vm.gnome qvm-copy-to-vm: implement --ignore-symlinks option 2013-08-14 22:12:46 +02:00
qvm-copy-to-vm.kde qvm-copy-to-vm: implement --ignore-symlinks option 2013-08-14 22:12:46 +02:00
qvm-copy.desktop The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qvm-dvm-gnome.desktop The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qvm-dvm.desktop The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qvm-move-gnome.desktop Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
qvm-move-to-vm Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
qvm-move-to-vm.gnome Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
qvm-move-to-vm.kde Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
qvm-move.desktop Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
qvm-mru-entry The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
qvm-open-in-dvm The Underscores Revolution: adjust qrexec path 2013-03-14 04:29:19 +01:00
qvm-open-in-vm qvm-open-in-vm: fix path for URL wrapper 2013-11-14 21:37:16 +01:00
qvm-run Add --dispvm to qvm-run documentation 2014-05-25 00:54:55 +02:00
sync-ntp-clock The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00
tar2qfile.c Fix compiler warnings. 2014-04-22 00:56:52 +02:00
vm-file-editor.c vm-file-editor: remove temporary file on exit 2014-05-10 12:42:13 +02:00
wrap-in-html-if-url.sh The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00