Unlinking objects in a directory with sticky bit set

Matthew Dillon dillon at apollo.backplane.com
Sun May 3 23:25:30 PDT 2009


    The problem is even worse.  rename() doesn't check directory perms
    at all for the source directory on a HAMMER filesystem (because HAMMER
    depends on the kernel to make the checks and doesn't do them itself).
    I blew it.

    That's a huge gaping security hole so we are going to have to
    roll a 2.2.2 this week to correct it.

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>





More information about the Bugs mailing list