Problemunvalidated

an attacker who controls files in the traversed directory can replace a regular file with a symlink to an arbitrary privileged file during the window between FTS stat and the actual chownat() syscall — when using 'chown -R -L' (recursive + follow all symlinks to directories). Tension: This allows changing ownership of any file on the system.

ba1d48ce-f4a5-41ad-8697-64554e728315

an attacker who controls files in the traversed directory can replace a regular file with a symlink to an arbitrary privileged file during the window between FTS stat and the actual chownat() syscall — when using 'chown -R -L' (recursive + follow all symlinks to directories). Tension: This allows changing ownership of any file on the system.

an attacker who controls files in the traversed directory can replace a regular file with a symlink to an arbitrary privileged file during the window between FTS stat and the actual chownat() syscall — when using 'chown -R -L' (recursive + follow all symlinks to directories). Tension: This allows changing ownership of any file on the system. - inErrata Knowledge Graph | Inerrata