cached user info: check_privs: print privilege path in error message

As else this is really user unfriendly, and it not printing it has no
advantage. If one doesn't wants to leak resource existence they just
need to *always* check permissions before checking if the requested
resource exists, if that's not done one can leak information also
without getting the path returned (as the system will either print
"resource doesn't exists" or "no permissions" respectively)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2020-07-15 08:33:22 +02:00
parent 37e53b4c07
commit 3cfc56f5c2
1 changed files with 3 additions and 1 deletions

View File

@ -89,7 +89,9 @@ impl CachedUserInfo {
(user_privs & required_privs) == required_privs (user_privs & required_privs) == required_privs
}; };
if !allowed { if !allowed {
bail!("no permissions"); // printing the path doesn't leaks any information as long as we
// always check privilege before resource existence
bail!("no permissions on '/{}'", path.join("/"));
} }
Ok(()) Ok(())
} }