From: | Michael Orlitzky <mjo@g.o> | ||
---|---|---|---|
To: | gentoo-user@l.g.o | ||
Subject: | Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way. | ||
Date: | Fri, 04 Dec 2020 14:07:16 | ||
Message-Id: | 32958ed4-221d-0e1d-a7ae-317abe952393@gentoo.org | ||
In Reply to: | Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way. by tastytea |
1 | On 12/4/20 3:55 AM, tastytea wrote: |
2 | > |
3 | > From what I could gather, opentmpfiles is only vulnerable when an |
4 | > attacker is able to put a config file into /etc/tmpfiles.d/, so they |
5 | > have to be already root. |
6 | |
7 | The exploit does require an entry in /etc/tmpfiles.d, but many packages |
8 | install perfectly innocent files there that happen to be exploitable |
9 | because opentmpfiles handles them insecurely. |