Mirrors_Framework/mosquitto
1
0
Fork 0
mirror of https://github.com/eclipse-mosquitto/mosquitto.git synced 2026-02-05 18:50:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add MOSQUITTO_UNSAFE_ALLOW_SYMLINKS env var

Browse Source 
Setting this environment variable allows sensitive files to be read
through symlinks.

Closes #3461. Thanks to Jeff Cutsinger
This commit is contained in:
Roger A. Light
2026-02-02 14:23:57 +00:00
parent d4b5adbd49
commit 16f41e61fc
11 changed files with 173 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libcommon/file_common.c
View File

@@ -166,7 +166,10 @@ FILE *mosquitto_fopen(const char *path, const char *mode, bool restrict_read)
old_mask = umask(0077);
int open_flags = O_NOFOLLOW;
int open_flags = 0;
if(!getenv("MOSQUITTO_UNSAFE_ALLOW_SYMLINKS")){
open_flags |= O_NOFOLLOW;
}
for(size_t i = 0; i<strlen(mode); i++){
if(mode[i] == 'r'){
open_flags |= O_RDONLY;