RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-16 18:35:07 +00:00
Code Issues Activity Actions

Kernel: The root inode of a TmpFS should have the sticky bit set

Browse source 
We were running without the sticky bit and mode 777, which meant that
the /tmp directory was world-writable *without* protection.

With this fixed, it's no longer possible for everyone to steal root's
files in /tmp.
This commit is contained in:
Andreas Kling 2020-01-04 11:33:36 +01:00
parent 4398eec03c
commit e79c33eabb
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/FileSystem/TmpFS.cpp
View file

@ -121,7 +121,7 @@ NonnullRefPtr<TmpFSInode> TmpFSInode::create(TmpFS& fs, InodeMetadata metadata,
NonnullRefPtr<TmpFSInode> TmpFSInode::create_root(TmpFS& fs) NonnullRefPtr<TmpFSInode> TmpFSInode::create_root(TmpFS& fs)
{ {
InodeMetadata metadata; InodeMetadata metadata;
metadata.mode = 0040777; metadata.mode = 0041777;
return create(fs, metadata, { fs.fsid(), 1 }); return create(fs, metadata, { fs.fsid(), 1 });
} }