15484553f3
Fixes the following security issues: CVE-2020-14367: Insecure writing of pidfile ------------------------------------------- When chronyd is configured to save the pidfile in a directory where the chrony user has write permissions (e.g. /var/run/chrony - the default since chrony-3.4), an attacker that compromised the chrony user account could create a symbolic link at the location of the pidfile to make chronyd starting with root privileges follow the symlink and write its process ID to a file for which the chrony user doesn't have write permissions, causing a denial of service, or data loss. This issue was reported by Matthias Gerstner of SUSE. For further details, see the oss-security posting: https://www.openwall.com/lists/oss-security/2020/08/21/1 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| S49chrony | ||
| chrony.hash | ||
| chrony.mk | ||
| chrony.service | ||