>> This means a listener may have read authorization for /home and mark >> this mount. >> Afterwards, while you sign a git tag, it will receive a FAN_OPEN event >> and use the file descriptor supplied in the event to overwrite your >> /home/jankara/.gnupg/secring.pgp >> though the file is chmod 600 and the listener is neither root nor you. > Ah, right. Thanks for explaining this to me. I'm not really too excited > about this as a security issue because once the process has CAP_SYS_ADMIN > it basically owns the machine (it is sadly one of those capabilities which > is too broad)
Yup. https://lwn.net/Articles/486306/ > but I agree checking permissions when creating the fd is > reasonable. > > Honza > -- > Jan Kara <j...@suse.cz> > SUSE Labs, CR -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
