projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: da52214) | patch
chown-recursive: let's rework the recursive logic to use O_PATH
authorLennart Poettering <lennart@poettering.net>
Fri, 19 Oct 2018 09:26:59 +0000 (11:26 +0200)
committerMichael Biebl <biebl@debian.org>
Sat, 17 Nov 2018 17:39:21 +0000 (17:39 +0000)
commitfc69f35b410be3b66df77049a2b23b65a29cfc8c
treea25e7315c503c454212b166279332ee42e4ae399tree | snapshot
parentda52214e993ad52959e985b9652dcd4e9662541bcommit | diff
chown-recursive: let's rework the recursive logic to use O_PATH

That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c)

Gbp-Pq: Name chown-recursive-let-s-rework-the-recursive-logic-to-use-O.patch
src/core/chown-recursive.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.