ruderich.org/simon Gitweb - safcm/safcm.git/commit

]> ruderich.org/simon Gitweb - safcm/safcm.git/commit

ruderich.org/simon / safcm / safcm.git / commit

author	Simon Ruderich <simon@ruderich.org>
	Tue, 1 Jun 2021 05:59:59 +0000 (07:59 +0200)
committer	Simon Ruderich <simon@ruderich.org>
	Tue, 1 Jun 2021 05:59:59 +0000 (07:59 +0200)
commit	2804606f9f8dc5078c38580bac363b47eb638620
tree	13d4c07adcbbb93ca3569fa9d15804f75e825896	tree \| snapshot
parent	a950980d2e302547743fb567d0636b766f4e9704	commit \| diff

remote: guard against symlinks in earlier path components

This was only an issue when syncing files to directories where other
users have write access to the parent directory. For example when
copying files to /home/user/.ssh/authorized_keys the user could replace
.ssh with a symlink which permitted overwriting authorized_keys anywhere
on the system.

Fix possible attacks by using *at syscalls and disallowing symlinks in
all path components except for the last of synced paths. Syncing
symlinks is obviously still permitted.

cmd/safcm/fixperms.go		diff \| blob \| history
remote/ainsl/ainsl.go		diff \| blob \| history
remote/ainsl/ainsl_test.go		diff \| blob \| history
remote/sync/files.go		diff \| blob \| history
remote/sync/files_compat.go	[new file with mode: 0644]	blob
remote/sync/files_compat_openbsd.go	[new file with mode: 0644]	blob
remote/sync/files_test.go		diff \| blob \| history
remote/sync/files_windows.go		diff \| blob \| history

Simple and fast configuration management

RSS Atom