projects / tools / librpm-tizen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ca2d6b2) | patch
Remove POSIX file capabilities from executables on erase/rename too
authorPanu Matilainen <pmatilai@redhat.com>
Thu, 3 Jun 2010 08:04:12 +0000 (11:04 +0300)
committerPanu Matilainen <pmatilai@redhat.com>
Thu, 3 Jun 2010 08:04:12 +0000 (11:04 +0300)
commit4d172a194addc49851e558ea390d3045894e3230
tree5dc37a9e80bf396642f0981ed18fdc96f2d061a9tree | snapshot
parentca2d6b2b484f1501eafdde02e1688409340d2383commit | diff
Remove POSIX file capabilities from executables on erase/rename too
- Just like suid/sgid bits, hardlinks to executables with capabilities
  set can "leak" permissions to old, potentially vulnerable versions
  of binaries. Related to RhBug:598775.
lib/fsm.c diff | blob | history
Domain: SCM / Build;