From: Ondřej Surý
Date: Wed, 29 Apr 2026 14:56:37 +0000 (+0200)
Subject: fix: usr: Stop rndc-confgen from following symlinks when writing the keyfile
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=468b09feb2d9600e3bdf7d81817f8b9adc5a9d54;p=thirdparty%2Fbind9.git

fix: usr: Stop rndc-confgen from following symlinks when writing the keyfile

When rndc-confgen -a (re)created the rndc control key, it followed a
symbolic link if one happened to exist at the keyfile path: the existence
check looked through the link, then the file was truncated, its ownership
changed, and the key contents written into whatever file the link pointed
at. rndc-confgen now refuses to follow symbolic links at the keyfile path
and fails with an error instead, so the wrong file can no longer be
overwritten by accident.

Merge branch '5901-rndc-confgen-symlink-attack' into 'main'

See merge request isc-projects/bind9!11902
---

468b09feb2d9600e3bdf7d81817f8b9adc5a9d54
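The sequence the commit message describes (a path-based existence check, then truncate, chown and write through the link) is avoided by opening the path once without following links and doing every later step on the descriptor. The following is an added example, not BIND's code and not taken from this commit: `write_keyfile_nofollow`, the `/tmp` demo directory and the file names are assumptions for illustration, and `O_NOFOLLOW` is one way to obtain the refusal, not necessarily the one the fix uses.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not BIND code: write data to path as a 0600 file,
 * refusing a symlink at the final component. 0 on success, -1 + errno. */
int write_keyfile_nofollow(const char *path, const char *data) {
	/* O_NOFOLLOW makes open() fail (ELOOP on Linux) when path is a symlink.
	 * No O_TRUNC: nothing is modified until the opened file is validated. */
	int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
	if (fd < 0) return -1;
	struct stat st;
	size_t len = strlen(data);
	int ok = fstat(fd, &st) == 0;
	if (ok && !S_ISREG(st.st_mode)) { errno = EINVAL; ok = 0; }
	/* Use only the descriptor from here on, so ownership, mode, truncation
	 * and the write all hit the inode that was just checked. */
	ok = ok && fchown(fd, geteuid(), getegid()) == 0 && fchmod(fd, 0600) == 0 &&
	     ftruncate(fd, 0) == 0 && write(fd, data, len) == (ssize_t)len;
	int saved = errno;
	close(fd);
	errno = saved;
	return ok ? 0 : -1;
}

/* Constructed scenario: a symlink at the keyfile path points at an unrelated
 * file. Returns 1 if the write is refused, that file is intact, and a plain write works. */
int demo_symlink_refused(void) {
	char dir[] = "/tmp/keydemoXXXXXX", victim[64], key[64], buf[16] = {0};
	if (mkdtemp(dir) == NULL) return 0;
	snprintf(victim, sizeof victim, "%s/other.conf", dir);
	snprintf(key, sizeof key, "%s/rndc.key", dir);
	FILE *f = fopen(victim, "w");
	if (f == NULL || fputs("precious", f) < 0 || fclose(f) != 0) return 0;
	if (symlink(victim, key) != 0) return 0;
	int refused = write_keyfile_nofollow(key, "key-data\n") == -1 && errno == ELOOP;
	if ((f = fopen(victim, "r")) == NULL) return 0;
	size_t n = fread(buf, 1, sizeof buf - 1, f);
	fclose(f);
	unlink(key);  /* remove the link; a plain write must now succeed */
	int plain_ok = write_keyfile_nofollow(key, "key-data\n") == 0;
	unlink(key); unlink(victim); rmdir(dir);
	return refused && n == 8 && strcmp(buf, "precious") == 0 && plain_ok;
}
int main(void) { return demo_symlink_refused() ? 0 : 1; }
```

`O_NOFOLLOW` only covers the last path component; a symlink in a parent directory is still resolved, so the directory holding the keyfile must not be writable by untrusted users.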