b22cc03c75
Reported by @slackner at https://github.com/rfjakob/gocryptfs/issues/327 : Possible race-conditions between file creation and Fchownat * Assume a system contains a gocryptfs mount as root user with -allow_other * As a regular user create a new file with mode containing the SUID flag and write access for other users * Before gocryptfs executes the Fchownat call, try to open the file again, write some exploit code to it, and try to run it. For a short time, the file is owned by root and has the SUID flag, so this is pretty dangerous. |
||
|---|---|---|
| .. | ||
| args.go | ||
| ctlsock_interface.go | ||
| dircache.go | ||
| file_allocate_truncate.go | ||
| file_holes.go | ||
| file.go | ||
| fs_dir.go | ||
| fs.go | ||
| openbackingdir_test.go | ||
| openbackingdir.go | ||
| xattr_darwin.go | ||
| xattr_linux_unit_test.go | ||
| xattr_linux.go | ||
| xattr_unit_test.go | ||
| xattr.go | ||