[PATCH] D93881: [llvm-objcopy] preserve file ownership when overwritten
Jian Cai via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Jan 14 17:27:50 PST 2021
jcai19 added a comment.
> I have mentioned that the GNU objcopy/strip smart_rename still has vulnerability and the owner preservation does not work for non-root (CAP_CHOWN) users.
Can this be solved by limiting the affected user to root only?
> chmod o+wx .
> sudo chmod mail a.o
> sudo -u bin strip a.o # owner becomes bin. llvm-strip has the same behavior.
I tried to verify with this example but failed. Could you share the complete list of commands? Thanks.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D93881/new/
https://reviews.llvm.org/D93881
More information about the llvm-commits
mailing list