Date: Tue, 3 Jul 2018 20:19:31 +0200 From: Hanno Böck <hanno@...eck.de> To: kernel-hardening@...ts.openwall.com Subject: Patch for SymlinksIfOwnerMatches Hi, There's a nasty problem in many webserver configurations on multiuser systems, I've blogged about it a while ago . With a symlink it's often possible to read out configuration files of other users. This was famously used in the freedom hosting II hack . grsecurity had a workaround for this: By not allowing file operations to follow symlinks if the owner of the link and the target don't match it can block this kind of attack. I saw a need to keep this feature alive in a post-grsecurity world, so a while ago I extracted it from the grsecurity patch. I've now made that public: https://github.com/hannob/symlinkown I'm not sure about upstreaming, I think it's a worthy feature, but it might need some work in polishing it. But for now I'll just share it and I will hopefully be able to keep the patch working for future kernels.  https://blog.hboeck.de/archives/873-The-tricky-security-issue-with-FollowSymLinks-and-Apache.html  https://securityaffairs.co/wordpress/55990/deep-web/freedom-hosting-ii-hack.html -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.