diff options
| author | Leah Rowe <leah@libreboot.org> | 2025-09-05 11:46:16 +0100 |
|---|---|---|
| committer | Leah Rowe <leah@libreboot.org> | 2025-09-05 11:46:16 +0100 |
| commit | 5096e0040f3c231393fc8a2b2fa2d344de354158 (patch) | |
| tree | 28ca062e802ab1f33a7f807cbe1cb6506b1bfe97 /mk | |
| parent | d06d6a190569574423ff5e60d27ee7f03208dd16 (diff) | |
mk: hardened PWD check (deny symlinks)
we check if the first argument is "./mk" and bail if not,
which forces you to be in the xbmk work directory.
however, this check is flawed because symlinks were still
possible.
this patch prevents a same-named symlink "mk" pointing to
the real mk from being used.
this hardening is necessary, due to several built-in
assumptions inherent within the design of xbmk.
Signed-off-by: Leah Rowe <leah@libreboot.org>
Diffstat (limited to 'mk')
| -rwxr-xr-x | mk | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -5,7 +5,10 @@ set -u -e -if [ "$0" != "./mk" ]; then +ispwd="true" +[ "$0" = "./mk" ] || ispwd="false" +[ "$ispwd" = "true" ] && [ -L "mk" ] && ispwd="false" +if [ "$ispwd" = "false" ]; then printf "You must run this in the proper work directory.\n" 1>&2 exit 1 fi |