Vinícius dos Santos Oliveira 05e2adf509 Validate fds created by the user ...

write_mapping() will do the following:

openat(proc_dir_fd, map_file, O_WRONLY);

An attacker could create a directory containing a symlink named
"uid_map" pointing to any file owned by root, and thus allow him to
overwrite any root-owned file.

2023-02-24 16:20:57 -06:00

2.0 KiB

Raw Blame History

View Raw