projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9cc05c2) | patch
chown-recursive: let's rework the recursive logic to use O_PATH
authorLennart Poettering <lennart@poettering.net>
Fri, 19 Oct 2018 09:26:59 +0000 (11:26 +0200)
committerMichael Biebl <biebl@debian.org>
Tue, 20 Nov 2018 18:44:39 +0000 (18:44 +0000)
commitde20633d759cd2a124742edbcc52f331eb7319f5
treea96418e8c9099325deecacaa1d74aab00e1d2bd0tree | snapshot
parent9cc05c2437d7f3495b9153f70cd38f0965c23c54commit | diff
chown-recursive: let's rework the recursive logic to use O_PATH

That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c)

Gbp-Pq: Name chown-recursive-let-s-rework-the-recursive-logic-to-use-O.patch
src/core/chown-recursive.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.