-
Notifications
You must be signed in to change notification settings - Fork 543
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[sosreport] prepare report in a private subdirectory
To avoid file creation races in shared temporary directories like /tmp and /var/tmp use a private (0700) subdirectory to build the FileCacheArchive and subsequent archive and compressed archive files: only create a file in the containing directory when it can be done as a single atomic rename. This prevents sos from writing to an arbitrary location under the control of another user: a malicious user could steal data or over write files in /etc resulting in a local privilege escalation. There remains a further race since once the archive name is known the checksum file name becomes predictable: as the checksum file is also prepared in the subdirectory and moved into place the result is always either success or an error that is reported to the user. The correct checksum value is still reported to the user via the terminal. Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
- Loading branch information
Showing
1 changed file
with
77 additions
and
23 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters