tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

fixed: security vulnerability in 'ln' winix function

Browse Source 
a user could create a hardlink to any file and the new link 
       had user_id, group_id and permissions the same as for new generated files,
       this allowes to overwrite any existing file in the filesystem,
       now user_id, group_id, permissions are the same as from the oryginal file



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@941 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa
2013-12-03 12:33:41 +00:00
parent 375604edd6
commit c04874397b
6 changed files with 82 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/system.cpp
View File

@@ -1207,6 +1207,8 @@ int System::FollowAllLinks(const std::vector<Item*> & current_dir_tab, const std
}
else
{
// !! CHECK ME
// FollowLink is using link_to_temp temporary variable too
res = FollowLink(current_dir_tab, link_to_temp, out_dir_tab, out_item);
link_to_temp.clear();