Bugtraq mailing list archives
Re: cpio TOCTOU file-permissions vulnerability
From: Steve G <linux_4ever () yahoo com>
Date: Tue, 19 Apr 2005 05:34:55 -0700 (PDT)
Hello, Since no fix has been posted, I've taken a stab at patching this. I think this patch solves all issues with chmod & chown. I would recommend people review this patch and apply since cpio can create suid files, devices, and directories with special permissions. I have a patch for coreutils mostly done and will post that soon. -Steve Grubb __________________________________ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs
Attachment:
cpio-2.6-chmod.patch
Description: cpio-2.6-chmod.patch
Current thread:
- cpio TOCTOU file-permissions vulnerability Imran Ghory (Apr 13)
- <Possible follow-ups>
- Re: cpio TOCTOU file-permissions vulnerability Steve G (Apr 19)