Avoid to write linked path

Open cosmo0920 opened this issue 3 years ago • 1 comments

Currently, sigdump uses a predictable path to write the object dump. But, in some circumstances, this implementation creates a vulnerability to dangling symlink attacks. Also, Kernel.open should use 0644 instead of 0666 (world-writable permission). This is also part of the dangling symlink attack vulnerability.

cosmo0920 · May 21 '21 05:05
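The hardening requested above, sketched as an added example; it is not code from sigdump or from the issue author. `open_dump_no_follow`, the file names and the "before" `File.open` call are constructed stand-ins for the pattern the issue describes, and `File::NOFOLLOW` is assumed to be available (Linux, macOS, BSD).

```ruby
require "tmpdir"

# Hypothetical helper (not sigdump's API): open a dump file for appending
# without following a symlink planted at the final path component.
# 0644 instead of 0666 keeps group/other write bits off whatever the umask is.
def open_dump_no_follow(path, perm = 0o644)
  flags = File::WRONLY | File::APPEND | File::CREAT | File::NOFOLLOW
  file = File.open(path, flags, perm)
  # Only accept a regular file at the dump path.
  unless file.stat.file?
    file.close
    raise ArgumentError, "#{path} is not a regular file"
  end
  file
end

# Constructed scenario: a dangling symlink already sits at the predictable path.
def demo
  Dir.mktmpdir do |dir|
    dump   = File.join(dir, "sigdump-1234.log") # constructed predictable name
    victim = File.join(dir, "victim.conf")      # link target, does not exist yet
    File.symlink(victim, dump)

    # Pattern described in the issue: a plain open follows the link
    # and creates the link target.
    File.open(dump, "a", 0o666) { |f| f.puts "dump" }
    followed = File.exist?(victim)
    File.delete(victim)

    # Hardened open: the kernel rejects the symlink (ELOOP on Linux),
    # so the link target is never created.
    refused = begin
      open_dump_no_follow(dump).close
      false
    rescue SystemCallError
      true
    end

    { followed: followed, refused: refused, victim_created: File.exist?(victim) }
  end
end
```

`File::NOFOLLOW` only covers the last path component; a dump directory that other users can write to still needs to be avoided or checked separately.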

@frsyuki Could you kindly take a look if you have time? If you don't have enough time to maintain this gem, we can handle issues/PRs on @fluent-plugins-nursery: https://github.com/fluent-plugins-nursery/contact

We think that maintenance of this gem is important for the Fluentd community.

cosmo0920 · May 21 '21 05:05