]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8b364a3) | patch
tmpfiles: be more careful when adjusting chmod() + chown()
authorLennart Poettering <lennart@poettering.net>
Mon, 29 Apr 2019 14:11:52 +0000 (16:11 +0200)
committerLennart Poettering <lennart@poettering.net>
Tue, 30 Apr 2019 07:18:23 +0000 (09:18 +0200)
commita9f55d0e7ed8b718641605f91553e4f150390dbd
tree4f4b4215a0d73dd18754af181faba474e275088etree | snapshot
parent8b364a38238bf828ae6df93fdbca7897bd8f042ccommit | diff
tmpfiles: be more careful when adjusting chmod() + chown()

chown() might drop the suid/sgid bit from files. hence let's chmod()
after chown().

But also, let's tighten the transition a bit: before issuing chown()
let's set the file mask to the minimum of the old and new access
bitmask, so that at no point in time additional privs are available on
the file with a non-matching ownership.

Fixes: #12354
src/tmpfiles/tmpfiles.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.