From: Maxime Devos
To: 47584@debbugs.gnu.org
Subject: Re: bug#47584: Race condition in ‘copy-account-skeletons’: possible privilege escalation.
Date: Sat, 03 Apr 2021 18:32:54 +0200

On Sat, 2021-04-03 at 18:22 +0200, Maxime Devos wrote:
> + ;; It is important 'chown' is called after 'copy-account-skeletons'
> + ;; Otherwise, a malicious user with good timing could
> + ;; create a symlink in HOME that would be dereferenced by
> + ;; 'copy-account-skeletons'.

Oops, please add a period after 'copy-account-skeletons';
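
Review bot: The added comment states the ordering ('chown' after 'copy-account-skeletons') but not the invariant that ordering protects, so a later refactor could keep the order and still reopen the race. Suggest saying outright that HOME must not be writable by the new user while 'copy-account-skeletons' is still copying into it, and what following the symlink would let that user do. The first comment line also still needs its period before "Otherwise", as the reply notes.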