loolwsd/LOOLKit.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
New commits: commit f2eec85b2a84d58eb2d125f1a826d71fdcd85d4b Author: Ashod Nakashian <ashod.nakash...@collabora.co.uk> Date: Sun Mar 13 11:02:47 2016 -0400 loolwsd: jailId ought be random, but must be PID Ideally, we will have a randomized path for the jails. Unfortunately, this will make it harder to cleanup after an ungraceful exit of a child, including recovery of docs etc. Having a PID for the jailId makes this issue easier by implicitly implying the jail path for a given child. To prevent security leaks, we should at least randomize the doc directory within the jail, as such: /chroot/<pid>/user/docs/<rand>/ For now we use jailId=pid=rand. Change-Id: I948fba0aaef725c9c059780df0a184a86569d898 Reviewed-on: https://gerrit.libreoffice.org/23223 Reviewed-by: Ashod Nakashian <ashnak...@gmail.com> Tested-by: Ashod Nakashian <ashnak...@gmail.com>
diff --git a/loolwsd/LOOLKit.cpp b/loolwsd/LOOLKit.cpp
index 36ae9b4..dcf5e61 100644
--- a/loolwsd/LOOLKit.cpp
+++ b/loolwsd/LOOLKit.cpp
@@ -784,7 +784,10 @@ void lokit_main(const std::string& childRoot,
 std::map<std::string, std::shared_ptr<Document>> _documents;
- static const std::string jailId = Util::encodeId(Util::rng::getNext());
+ // Ideally this will be a random ID, but broker will cleanup
+ // our jail directory when we die, and it's simpler to know
+ // the jailId (i.e. the path) implicitly by knowing our pid.
+ static const std::string jailId = std::to_string(Process::id());
 static const std::string process_name = "loolkit";
 if (prctl(PR_SET_NAME, reinterpret_cast<unsigned long>(process_name.c_str()), 0, 0, 0) != 0)
_______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
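Review bot: With `jailId` now set to `std::to_string(Process::id())`, the jail path is both guessable and reusable: PIDs come from a small range and the kernel recycles them, so a later child can map to the same path as one that died before the broker cleaned up. The code that creates the jail directory is outside this hunk (lokit_main begins and ends outside it), so whether a leftover directory is detected cannot be seen here; the creation site should refuse or wipe an existing path rather than adopt it. The new comment also leaves out the mitigation the commit message promises, so I would add `// TODO: jail path is predictable; randomize user/docs/<rand>/ inside the jail and never reuse an existing jail dir.` directly above the assignment.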