On Mon, 20 Feb 2017 15:40:45 +0100
Greg Kurz wrote:
> The local_lremovexattr() callback is vulnerable to symlink attacks because
> it calls lremovexattr() which follows symbolic links in all path elements but
> the rightmost one.
>
> This patch converts local_lremovexattr() to rely on opendir_no
On Mon, Feb 20, 2017 at 03:40:45PM +0100, Greg Kurz wrote:
> The local_lremovexattr() callback is vulnerable to symlink attacks because
> it calls lremovexattr() which follows symbolic links in all path elements but
> the rightmost one.
>
> This patch converts local_lremovexattr() to rely on opend
The local_lremovexattr() callback is vulnerable to symlink attacks because
it calls lremovexattr() which follows symbolic links in all path elements but
the rightmost one.
This patch converts local_lremovexattr() to rely on opendir_nofollow() and
fremovexattrat_nofollow() instead.
This partly fix