[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chown: race condition with --recursive -L
From: |
Michael Orlitzky |
Subject: |
Re: chown: race condition with --recursive -L |
Date: |
Wed, 20 Dec 2017 17:38:28 -0500 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
On 12/20/2017 04:43 PM, Michael Orlitzky wrote:
>
> For this to work, you'll need to ensure that your kernel doesn't have
> any nonstandard hardening features enabled:
>
> $ sudo sysctl --write fs.protected_symlinks=0
>
> (Most distributions patch the kernel to enable that feature by default.)
>
This is a red herring, a relic of some previous version of the exploit.
The one I gave should work regardless of this hardening feature, in most
directories.