source-git / rpm

Clone
Source Code
GIT

8875a7 Fix nasty --setperms/--setugids regression in 4.14.2 (RhBug: 1640470)

1 file Authored by Panu Matilainen 4 years ago, Committed by Hunor Csomortáni 4 years ago,
raw patch tree parent
1 file changed. 2 lines added. 2 lines removed.
rpmpopt.in
file modified
+2 -2 
    Fix nasty --setperms/--setugids regression in 4.14.2 (RhBug: 1640470)
    
    Commit 38c2f6e160d5ed3e9c3a266139c7eb2632724c15 causes --setperms and
    --setugids follow symlinks instead of skipping them.
    
    In case of --setperms, all encountered symlinks will have their
    target file/directory permissions set to the 0777 of the link itself
    (so world writable etc but suid/sgid stripped), temporarily or permanently,
    depending on whether the symlink occurs before or after it's target in the
    package file list. When the link occurs before its target, there's a short
    window where the target is world writable before having it's permissions
    reset to original, making it particularly bad for suid/sgid binaries.
    
    --setugids is similarly affected with link targets owner/group changing
    to that of the symlink.
    
    Add missing parentheses to the conditions introduced in commit
    38c2f6e160d5ed3e9c3a266139c7eb2632724c15 to fix.
    Reported by Karel Srot, patch by Pavlina Moravcova Varekova.
file modified
+2 -2

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation