Re: [chrony-dev] chrony 3.5.1 and PATH_MAX



On Mon, Aug 24, 2020 at 07:03:51PM +0200, Matthias Andree wrote:
> At any rate, I set the "discovery" date to the first relevant commit here:
> <https://vuxml.freebsd.org/freebsd/719f06af-e45e-11ea-95a1-c3b8167b8026.html>
> 
> However, is 2020-08-06 the real date that the symlink vulnerability was
> discovered (or a bug understood as a vulnerability), or was that some
> earlier date?

I received the report on 2020-08-05. I knew what a symlink attack is
in general, but I didn't realize it applied to chronyd's pidfile
and its own user. The reason why it was already fixed in the
development code was that there was a need for opening files with
restricted permissions (to avoid leaking the NTS keys) and all fopen()
calls were switched to the new function.

-- 
Miroslav Lichvar
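
A symlink-safe replacement for an fopen(path, "w") call on a pidfile, of the kind the message above describes. This is an added example, not part of the original message and not chrony's own code; create_excl() and write_pidfile() are hypothetical names and the 0644 mode is an assumption.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not chrony's API): create path as a new file with the
 * given mode. O_CREAT|O_EXCL never follows a symlink in the last component;
 * if anything already exists there, open() fails with EEXIST. */
int create_excl(const char *path, mode_t mode)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, mode);
}

/* Hypothetical helper: write a pidfile without writing through a planted link.
 * Returns 0 on success, -1 with errno set on failure. */
int write_pidfile(const char *path, long pid)
{
    /* unlink() removes a stale file or the symlink itself, never its target. */
    if (unlink(path) < 0 && errno != ENOENT)
        return -1;
    /* If a link reappears between unlink() and open(), this fails instead of
     * truncating the link target as fopen(path, "w") would. */
    int fd = create_excl(path, 0644);
    if (fd < 0)
        return -1;
    FILE *f = fdopen(fd, "w");
    if (!f) {
        close(fd);
        return -1;
    }
    int ok = fprintf(f, "%ld\n", pid) > 0;
    return (fclose(f) == 0 && ok) ? 0 : -1;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s PIDFILE\n", argv[0]);
        return EXIT_FAILURE;
    }
    if (write_pidfile(argv[1], (long)getpid()) < 0) {
        perror(argv[1]);
        return EXIT_FAILURE;
    }
    return EXIT_SUCCESS;
}
```

The mode passed to open() is applied at creation time, so the file never exists with wider permissions than requested, which also matters for files that hold secrets.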



