Fix clearing setuid/setgid bits on a file when replaying a write
This is from an OpenZFS pull request: https://github.com/openzfs/zfs/pull/13027
We don't have the test programs they do, but their changes to zfs_vnops.c are back-portable to illumos, and should be back-ported.
Updated by Dan McDonald 6 months ago
Tested on OmniOS by using this script:
#!/bin/sh POOLNAME=rpool/test zfs destroy $POOLNAME zfs create -o sync=always $POOLNAME touch /$POOLNAME/suid chmod u+sx,o+rw /rpool/test/suid ls -lt /$POOLNAME/suid su nobody "echo test >> /$POOLNAME/suid" uadmin 5 1
Before this fix, a post-reboot "ls -lt /rpool/test/suid" would have the setuid bit STILL SET, but with the "test" text in the binary (which could be a more malicious payload in theory).
After this fix, the post-reboot "ls -lt /rpool/test/suid" will have its setuid bit cleared.
Updated by Electric Monk 6 months ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit 163bcb88498e897f35c7fc801fe9db507052a1f0 Author: Pawel Jakub Dawidek <email@example.com> Date: 2022-02-07T21:53:22.000Z 14472 Fix clearing setuid/setgid bits on a file when replaying a write Co-authored-by: Christian Schwarz <firstname.lastname@example.org> Reviewed by: Dan McDonald <email@example.com> Reviewed by: Jason King <firstname.lastname@example.org> Reviewed by: Toomas Soome <email@example.com> Approved by: Garrett D'Amore <firstname.lastname@example.org>