[crash-reporter] Move flag files to /var/run from /tmp
The kernel-crash-detected and unclean-shutdown-detected flag files
needed to move out of /tmp to protect against symlink attacks by
a non-root user. /var/run is owned by root, so non-privileged
users can't write there.
BUG=chromium-os:17085
TEST=unit
TEST=logging_CrashSender,logging_UserCrash
STATUS=Fixed
Change-Id: Ibf9b314f1a03ee984eea2acf6007c120aa300dd1
Reviewed-on: https://gerrit.chromium.org/gerrit/16751
Tested-by: Chris Masone <cmasone@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Ready: Chris Masone <cmasone@chromium.org>
diff --git a/crash_reporter/crash_reporter.cc b/crash_reporter/crash_reporter.cc
index 42998e9..ac3964b 100644
--- a/crash_reporter/crash_reporter.cc
+++ b/crash_reporter/crash_reporter.cc
@@ -32,6 +32,9 @@
"org.chromium.CrashReporter.UserCrash";
static const char kUncleanShutdownFile[] =
"/var/lib/crash_reporter/pending_clean_shutdown";
+static const char kKernelCrashDetected[] = "/var/run/kernel-crash-detected";
+static const char kUncleanShutdownDetected[] =
+ "/var/run/unclean-shutdown-detected";
// Enumeration of kinds of crashes to be used in the CrashCounter histogram.
@@ -121,11 +124,11 @@
// the last kernel crash.
if (IsFeedbackAllowed()) {
if (was_kernel_crash) {
- TouchFile(FilePath("/tmp/kernel-crash-detected"));
+ TouchFile(FilePath(kKernelCrashDetected));
} else if (was_unclean_shutdown) {
// We only count an unclean shutdown if it did not come with
// an associated kernel crash.
- TouchFile(FilePath("/tmp/unclean-shutdown-detected"));
+ TouchFile(FilePath(kUncleanShutdownDetected));
}
}