![]() Reported by @slackner at https://github.com/rfjakob/gocryptfs/issues/327 : Possible race-conditions between file creation and Fchownat * Assume a system contains a gocryptfs mount as root user with -allow_other * As a regular user create a new file with mode containing the SUID flag and write access for other users * Before gocryptfs executes the Fchownat call, try to open the file again, write some exploit code to it, and try to run it. For a short time, the file is owned by root and has the SUID flag, so this is pretty dangerous. |
||
---|---|---|
.. | ||
args.go | ||
ctlsock_interface.go | ||
dircache.go | ||
file_allocate_truncate.go | ||
file_holes.go | ||
file.go | ||
fs_dir.go | ||
fs.go | ||
openbackingdir_test.go | ||
openbackingdir.go | ||
xattr_darwin.go | ||
xattr_linux_unit_test.go | ||
xattr_linux.go | ||
xattr_unit_test.go | ||
xattr.go |