Issue 6 in chironfs: security!!!

0 views

Skip to first unread message

codesite...@google.com

unread,

Sep 12, 2007, 1:27:43 PM9/12/07

to chiron...@googlegroups.com

Issue 6: security!!!
http://code.google.com/p/chironfs/issues/detail?id=6

New issue report by ndbecker2:
What steps will reproduce the problem?
[root] chironfs --fuseoptions
allow_other --log /var/log/chironfs.log /real1=/real2 /virtual

[root@nbecker4 nbecker]# exit
exit

[nbecker@nbecker4 ~]$ touch /virtual/more
[nbecker@nbecker4 ~]$ ls -l /virtual
total 0
-rw-rw-r-- 1 root root 0 2007-09-12 10:03 more
-rw-r--r-- 1 root root 0 2007-09-12 09:59 stuff

WTF! /virtual/more is owned by root, even though nbecker created it!
That
looks like a serious problem.

Issue attributes:
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

codesite...@google.com

unread,

Sep 12, 2007, 2:51:07 PM9/12/07

to chiron...@googlegroups.com

Issue 6: security!!!
http://code.google.com/p/chironfs/issues/detail?id=6

Comment #1 by luisfurquim:
Bug tested and reproduced.

Issue attribute updates:
Status: Accepted
Labels: -Priority-Medium Priority-High

Reply all

Reply to author

Forward

0 new messages