projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4aca50b) | patch
chown-recursive: let's rework the recursive logic to use O_PATH
authorLennart Poettering <lennart@poettering.net>
Fri, 19 Oct 2018 09:26:59 +0000 (11:26 +0200)
committerFelipe Sateler <fsateler@debian.org>
Thu, 6 Dec 2018 00:03:34 +0000 (00:03 +0000)
commitaebc3aec85b79b647c784e61a7238a0578e5704b
tree60e55d7f54d2e956b057feb8403002bb9853166etree | snapshot
parent4aca50b04fb175d2118c4e096d6cad1abed26df6commit | diff
chown-recursive: let's rework the recursive logic to use O_PATH

That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c)

Gbp-Pq: Name chown-recursive-let-s-rework-the-recursive-logic-to-use-O.patch
src/core/chown-recursive.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.