updated README

2019-11-15 21:53:26 +01:00 · 2019-11-15 21:53:26 +01:00 · 1b8504c052
commit 1b8504c052
parent 6f1b27ee51
2 changed files with 62 additions and 14 deletions
--- a/README.md
+++ b/README.md
@ -1,10 +1,13 @@
-qssb (quite simple sandbox)
-===========================
-qssb.h is a simple header only library for easy sandboxing of
-applications.
+qssb.h (quite simple sandbox)
+=============================
+qssb.h is a simple header only library that provides an interface
+to sandbox applications. Using Seccomp and Linux Namespaces for that
+purpose requires some knowledge of annoying details which this library
+aims to abstract away as much as possible.

-It aims to provide an interface to avoid the annoying details that
-using Seccomp and Linux Namespaces requires.
+Status
+======
+No release yet, API is unstable.

 Features
 ========
@ -13,11 +16,25 @@ privileges, isolating the application from the network, etc.

 Requirements
 ============
-Kernel x.y.z.
+Kernel >=3.17
+sys/capabilities.h header. Depending on your system, libcap
+might be needed for this.

-Status
-======
-No release yet, API is unstable.
+
+
+FAQ
+===
+
+Does the process need to be priviliged to utilize the library?
+----------------------------------------------------------------
+No.
+
+It doesn't work on Debian!
+--------------------------
+You can thank a Debian-specific patch for that. In the future,
+the library may check against that. Execute
+echo 1 > /proc/sys/kernel/unprivileged_userns_clone to disable that
+patch for now.

 Documentation
 =============
@ -30,7 +47,7 @@ Real world project: cgit sandboxed: https://git.quitesimple.org/cgitsb

 Contributing
 ============
-Contributations are very welcome. Options: 
+Contributions are very welcome. Options: 
 1) Pull-Request: github.com/quitesimpleorg/qssb 
 2) Mail to qssb at quitesimple.org with instructions
 on where to pull the changes.
--- a/qssb.h
+++ b/qssb.h
@ -140,7 +140,18 @@ int random_string(char *buffer, size_t buffer_length)
 static int mkdir_structure(const char *p, mode_t mode)
 {
 	char path[PATH_MAX] = { 0 };
-	snprintf(path, sizeof(path), "%s/", p);
+	int res = snprintf(path, sizeof(path), "%s/", p);
+	if(res < 0)
+	{
+		QSSB_LOG_ERROR("qssb: mkdir_strucutre: error during path concatination\n");
+		return -EINVAL;
+	}
+	if(res >= PATH_MAX)
+	{
+		QSSB_LOG_ERROR("qssb: mkdir_structure: path concatination truncated\n");
+		return -EINVAL;
+	}
+

 	char *begin = path;
 	char *end = begin+1;
@ -193,7 +204,17 @@ static int mount_to_chroot(const char *chroot_target_path, char **paths, unsigne
 	while(path != NULL)
 	{
 		char path_inside_chroot[PATH_MAX];
-		snprintf(path_inside_chroot, sizeof(path_inside_chroot), "%s/%s", chroot_target_path, path);
+		int written = snprintf(path_inside_chroot, sizeof(path_inside_chroot), "%s/%s", chroot_target_path, path);
+		if(written < 0)
+		{
+			QSSB_LOG_ERROR("qssb: mount_to_chroot: Error during path concatination\n");
+			return -EINVAL;
+		}
+		if(written >= PATH_MAX)
+		{
+			QSSB_LOG_ERROR("qssb: mount_to_chroot: path concatination truncated\n");
+			return -EINVAL;
+		}
 		int ret = mkdir_structure(path_inside_chroot, 0700);
 		if(ret < 0)
 		{
@ -404,7 +425,17 @@ int qssb_enable_policy(struct qssb_policy *policy)
 		char random_str[17];
 		if(random_string(random_str, sizeof(random_str)) == 16)
 		{
-			snprintf(target_dir, sizeof(target_dir), "%s/.sandbox_%" PRIdMAX "_%s", QSSB_TEMP_DIR, (intmax_t)getpid(), random_str);
+			int res = snprintf(target_dir, sizeof(target_dir), "%s/.sandbox_%" PRIdMAX "_%s", QSSB_TEMP_DIR, (intmax_t)getpid(), random_str);
+			if(res < 0)
+			{
+				QSSB_LOG_ERROR("qssb: qssb_enable_policy: error during path concatination\n");
+				return -EINVAL;
+			}
+			if(res >= PATH_MAX)
+			{
+				QSSB_LOG_ERROR("qssb: qssb_enable_policy: path concatination truncated\n");
+				return -EINVAL;
+			}
 			policy->chroot_target_path = target_dir;
 		}
 		else