git: kernel - Fix serious permissions bug for sticky directories
Matthew Dillon
dillon at crater.dragonflybsd.org
Fri Aug 4 21:49:05 PDT 2017
commit 4477e30ad9b9b43af1dacde9353043461e7cbf0d
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Fri Aug 4 21:38:10 2017 -0700
kernel - Fix serious permissions bug for sticky directories
* An optimization improperly bypassed the sticky-bit test, creating
a security issue with /tmp and /var/tmp.
* Fix by disabling the optimization for the second-to-last path component.
Any prior components retain the optimization, so long directory paths
are still well-optimized.
Summary of changes:
sys/kern/vfs_nlookup.c | 36 ++++++++++++++++++++++++++++--------
1 file changed, 28 insertions(+), 8 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4477e30ad9b9b43af1dacde9353043461e7cbf0d
--
DragonFly BSD source repository
More information about the Commits
mailing list