nalin / oddjob

Forked from oddjob 7 years ago
Clone

10b8aaa CVE-2020-10737: defer setting permissions on newly-created home directories

1 file Authored by nalin 3 years ago, Committed by nalin 3 years ago,
    CVE-2020-10737: defer setting permissions on newly-created home directories
    
    mkhomedir: add a patch from Matthias Gerstner of the SUSE security team
    to defer setting permissions on newly-created home directories until
    after we've finished populating them, to prevent possible interference
    and attacks from the user who will eventually be given access to the new
    home directory, while it's still being populated (CVE-2020-10737).
    
    Author: Matthias Gerstner
    Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
    
        
file modified
+28 -8