[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] usb-mtp: use O_NOFOLLOW and O_CLOEXEC.
From: |
Michael Hanselmann |
Subject: |
Re: [Qemu-devel] [PATCH] usb-mtp: use O_NOFOLLOW and O_CLOEXEC. |
Date: |
Thu, 13 Dec 2018 13:40:47 +0100 |
On 13.12.18 13:25, Gerd Hoffmann wrote:
> Open files and directories with O_NOFOLLOW to avoid symlinks attacks.
> While being at it also add O_CLOEXEC.
>
> usb-mtp only handles regular files and directories and ignores
> everything else, so users should not see a difference.
>
> Because qemu ignores symlinks carrying out an successfull symlink attack
Minor typo: s/successfull/successful/
> requires swapping an existing file or directory below rootdir for a
> symlink and winning the race against the inotify notification to qemu.
>
> Note that the impact of this bug is rather low when qemu is managed by
> libvirt due to qemu running sandboxed, so there isn't much you can gain
> access to that way.
>
> Fixes: CVE-2018-pjp-please-get-one
> Cc: Prasad J Pandit <address@hidden>
> Cc: Bandan Das <address@hidden>
> Reported-by: Michael Hanselmann <address@hidden>
> Signed-off-by: Gerd Hoffmann <address@hidden>
Thanks for the patch!
Reviewed-by: Michael Hanselmann <address@hidden>
Best regards,
Michael