Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix issue of listen before chmod on Unix sockets (CVE-2023-45145) (#1…
…2671) Before this commit, Unix socket setup performed chmod(2) on the socket file after calling listen(2). Depending on what umask is used, this could leave the file with the wrong permissions for a short period of time. As a result, another process could exploit this race condition and establish a connection that would otherwise not be possible. We now make sure the socket permissions are set up prior to calling listen(2). (cherry picked from commit 1119eca) Co-authored-by: Yossi Gottlieb <yossigo@gmail.com>
- Loading branch information
03345ddThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello,
I'm currently developing a microservice application that utilizes multiple instance of Redis images. Specifically, I'm focusing on the area of intrusion attacks. Could you please provide guidance on how I can simulate and recreate such exploits locally?
03345ddThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@PsychoPunkSage steps:
usleeppermission denied, you success.