Re: chown: race condition with --recursive -L

coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chown: race condition with --recursive -L

From:	Michael Orlitzky
Subject:	Re: chown: race condition with --recursive -L
Date:	Wed, 20 Dec 2017 17:38:28 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0

On 12/20/2017 04:43 PM, Michael Orlitzky wrote:
> 
> For this to work, you'll need to ensure that your kernel doesn't have
> any nonstandard hardening features enabled:
> 
>   $ sudo sysctl --write fs.protected_symlinks=0
> 
> (Most distributions patch the kernel to enable that feature by default.)
> 

This is a red herring, a relic of some previous version of the exploit.
The one I gave should work regardless of this hardening feature, in most
directories.

[Prev in Thread]

Current Thread

[Next in Thread]

chown: race condition with --recursive -L, Michael Orlitzky, 2017/12/20
- Re: chown: race condition with --recursive -L, Michael Orlitzky <=
- Re: chown: race condition with --recursive -L, Bernhard Voelker, 2017/12/20
  - Re: chown: race condition with --recursive -L, Michael Orlitzky, 2017/12/20
- Re: chown: race condition with --recursive -L, Michael Orlitzky, 2017/12/28
  - Re: chown: race condition with --recursive -L, Bernhard Voelker, 2017/12/28
    - [PATCH 1/2] doc: clarify chown/chgrp --dereference defaults, Michael Orlitzky, 2017/12/28
    - [PATCH 2/2] doc: warn about following symlinks recursively in chown/chgrp, Michael Orlitzky, 2017/12/28

Prev by Date: chown: race condition with --recursive -L
Next by Date: Re: chown: race condition with --recursive -L
Previous by thread: chown: race condition with --recursive -L
Next by thread: Re: chown: race condition with --recursive -L
Index(es):
- Date
- Thread