Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: overwrite report file rather than unlink it when -f option is set #1041

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: overwrite report file rather than unlink it when -f option is set #1041

wants to merge 1 commit into from

Conversation

qkaiser
Copy link
Contributor

@qkaiser qkaiser commented Dec 23, 2024

Since the introduction of landlock, we only have read-write permissions on the report and log files. We do not have the permission to unlink it, so we overwrite the content instead of unlinking the file.

This is what happens with the current code:

unblob -vvv --log unblob.log --report unblob.json -f -k -e /tmp/out /tmp/input/RAXE500-V1.2.13.100_2.0.54.zip 
2024-12-23 09:34.18 [debug    ] Logging configured             extract_root=. pid=126119 vebosity_level=3
2024-12-23 09:34.18 [info     ] Start processing file          file=/tmp/input/RAXE500-V1.2.13.100_2.0.54.zip pid=126119
2024-12-23 09:34.18 [info     ] Activated FS access restrictions; rules=[Read("/"), ReadWrite("/dev/shm"), ReadWrite("/tmp/out"), MakeDir("/tmp"), ReadWrite("unblob.log"), ReadWrite("unblob.json"), MakeReg(".")], status=FullyEnforced pid=126119
2024-12-23 09:34.18 [info     ] Removing extract dir           path=RAXE500-V1.2.13.100_2.0.54.zip_extract pid=126119
2024-12-23 09:34.18 [warning  ] Removing existing report file  path=unblob.json pid=126119
2024-12-23 09:34.18 [error    ] Can not remove existing report file msg=[Errno 13] Permission denied: 'unblob.json' path=unblob.json pid=126119
2024-12-23 09:34.18 [error    ] File not processed, as report could not be written file=/tmp/input/RAXE500-V1.2.13.100_2.0.54.zip pid=126119

@qkaiser
fix: overwrite report file rather than unlink it when -f option is set
1417dd4 
Since the introduction of landlock, we only have read-write permissions
on the report and log files. We do not have the permission to unlink it,
so we overwrite the content instead of unlinking the file.
@qkaiser qkaiser added bug Something isn't working python Pull requests that update Python code labels Dec 23, 2024
@qkaiser qkaiser requested review from e3krisztian and vlaci December 23, 2024 09:35
@qkaiser qkaiser self-assigned this Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@e3krisztian e3krisztian Awaiting requested review from e3krisztian

@vlaci vlaci Awaiting requested review from vlaci

At least 1 approving review is required to merge this pull request.

Assignees

@qkaiser qkaiser

Labels
bug Something isn't working python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@qkaiser