| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
Bug: 611234
|
|
|
|
| |
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the chown call from the openrc init script start_post function,
in order to prevent privilege escalation attacks. It is unsafe to call
chown in a directory that is not owned by root, since the target file
could be a hardlink to a root-owned file.
X-Gentoo-bug: 602550
X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550
Package-Manager: portage-2.3.3
|
|
|
|
| |
Package-Manager: portage-2.3.3
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the openrc init script start_post function to use the chown
--no-dereference option in order to prevent privilege escalation
attacks.
X-Gentoo-bug: 602550
X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550
Package-Manager: portage-2.3.3
|
|
|
|
| |
Package-Manager: portage-2.3.0
|
|
Package-Manager: portage-2.2.28
|