Archives
Archives
| From: | Michael Orlitzky <mjo@g.o> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way. | ||
| Date: | Fri, 04 Dec 2020 14:07:16 | ||
| Message-Id: | 32958ed4-221d-0e1d-a7ae-317abe952393@gentoo.org | ||
| In Reply to: | Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way. by tastytea |
||
| 1 | On 12/4/20 3:55 AM, tastytea wrote: |
| 2 | > |
| 3 | > From what I could gather, opentmpfiles is only vulnerable when an |
| 4 | > attacker is able to put a config file into /etc/tmpfiles.d/, so they |
| 5 | > have to be already root. |
| 6 | |
| 7 | The exploit does require an entry in /etc/tmpfiles.d, but many packages |
| 8 | install perfectly innocent files there that happen to be exploitable |
| 9 | because opentmpfiles handles them insecurely. |