Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 396408 Details for
Bug 540006
[Auditing] sys-apps/openrc: checkpath: {hard,symbolic} link as possible attack vector to gain privilege escalation
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch from debian kernels (post 3.6)
fs-enable-link-security-restrictions-by-default.patch (text/plain), 717 bytes, created by
Daniel Kahn Gillmor
on 2015-02-13 20:02:38 UTC
(
hide
)
Description:
patch from debian kernels (post 3.6)
Filename:
MIME Type:
Creator:
Daniel Kahn Gillmor
Created:
2015-02-13 20:02:38 UTC
Size:
717 bytes
patch
obsolete
>From: Ben Hutchings <ben@decadent.org.uk> >Subject: fs: Enable link security restrictions by default >Date: Fri, 02 Nov 2012 05:32:06 +0000 >Bug-Debian: https://bugs.debian.org/609455 >Forwarded: not-needed > >This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415 >('VFS: don't do protected {sym,hard}links by default'). > >--- a/fs/namei.c >+++ b/fs/namei.c >@@ -651,8 +651,8 @@ static inline void put_link(struct namei > path_put(link); > } > >-int sysctl_protected_symlinks __read_mostly = 0; >-int sysctl_protected_hardlinks __read_mostly = 0; >+int sysctl_protected_symlinks __read_mostly = 1; >+int sysctl_protected_hardlinks __read_mostly = 1; > > /** > * may_follow_link - Check symlink following for unsafe situations
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=396408">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 540006
: 396408 |
396558
|
396990
|
396992
|
396998
