| commit | 425b8a2f534fe02e8c1e39ad6a3d2c18eca12de3 | |
| author | Pádraig Brady <P@draigBrady.com> | |
| Tue, 19 Mar 2024 23:34:31 +0000 (19 23:34 +0000) | ||
| committer | Pádraig Brady <P@draigBrady.com> | |
| Tue, 19 Mar 2024 23:56:45 +0000 (19 23:56 +0000) | ||
| tree | ecd1d754d19dce0c8d3e6bf0e89607b211ee6af2 | treesnapshot (tar.gz zip) |
| parent | 07a69fc3ba717b879218592db685a1c79869cb28 | commitdiff |
chmod: fix TOCTOU security issue with symlink replacement
This is an issue with -[H]R mode, where an attacker
may replace a traversed file with a symlink
between where we stat() the file and chmod() the file.
* src/chmod.c (process_file): Remove the first !S_ISLNK guard
as that's now just an optimization, and instead consistently
apply fchmodat() to files/symlinks. Ensure AT_SYMLINK_NOFOLLOW
is set when traversing in default (-H) mode.
* NEWS: Mention the bug fix.
Fixes https://bugs.gnu.org/11108
This is an issue with -[H]R mode, where an attacker
may replace a traversed file with a symlink
between where we stat() the file and chmod() the file.
* src/chmod.c (process_file): Remove the first !S_ISLNK guard
as that's now just an optimization, and instead consistently
apply fchmodat() to files/symlinks. Ensure AT_SYMLINK_NOFOLLOW
is set when traversing in default (-H) mode.
* NEWS: Mention the bug fix.
Fixes https://bugs.gnu.org/11108
| NEWS | diffblobblamehistory | |
| src/chmod.c | diffblobblamehistory |