Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions src/backends/bubblewrap/common/src/bwrap_runner.rs
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,13 @@ impl SandboxBackend for BubblewrapScriptRunner {
Ok(None) => request,
Err(msg) => return Err(ScriptResponse::error(&msg)),
};
// Delegation check (D3): reject any policy path the invoking user cannot
// access, so the sandbox never gains access the caller lacks. Runs AFTER
// object normalization so it is evaluated against the already-tightened
// intents (a path moved rw -> denied must not then require write access).
if let Err(msg) = wxc_common::filesystem_access::check_delegation(&request.policy) {
return Err(ScriptResponse::error(&msg));
}
let child = self.spawn_bwrap(request, logger, stdio)?;
Ok(Box::new(BubblewrapSandboxProcess::new(child)))
}
Expand Down
7 changes: 7 additions & 0 deletions src/backends/lxc/common/src/lxc_runner.rs
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,13 @@ impl LxcScriptRunner {
Ok(None) => request,
Err(msg) => return ScriptResponse::error(&msg),
};
// Delegation check (D3): reject any policy path the invoking user cannot
// access, so the sandbox never gains access the caller lacks. Runs AFTER
// object normalization so it is evaluated against the already-tightened
// intents.
if let Err(msg) = wxc_common::filesystem_access::check_delegation(&request.policy) {
return ScriptResponse::error(&msg);
}

// Validate required LXC fields
if self.config.distribution.is_empty() || self.config.release.is_empty() {
Expand Down
8 changes: 8 additions & 0 deletions src/backends/wslc/common/src/wsl_container_runner.rs
Original file line number Diff line number Diff line change
Expand Up @@ -878,6 +878,14 @@ impl WSLContainerRunner {
Ok(None) => request,
Err(msg) => return ScriptResponse::error(&msg),
};
// Delegation check (D3): reject any policy path the invoking user cannot
// access, so the sandbox never gains access the caller lacks. Runs AFTER
// object normalization so it is evaluated against the already-tightened
// intents. On Windows this covers directory readwrite paths (the common
// WSLC case).
if let Err(msg) = wxc_common::filesystem_access::check_delegation(&request.policy) {
return ScriptResponse::error(&msg);
}

// -- Init: COM + SDK + preflight --
let sdk = match Self::init_and_load_sdk(logger) {
Expand Down
Loading
Loading