From e79c33eabbd500cedaa26613f9de758c276f56b8 Mon Sep 17 00:00:00 2001 From: Andreas Kling Date: Sat, 4 Jan 2020 11:33:36 +0100 Subject: Kernel: The root inode of a TmpFS should have the sticky bit set We were running without the sticky bit and mode 777, which meant that the /tmp directory was world-writable *without* protection. With this fixed, it's no longer possible for everyone to steal root's files in /tmp. --- Kernel/FileSystem/TmpFS.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Kernel/FileSystem') diff --git a/Kernel/FileSystem/TmpFS.cpp b/Kernel/FileSystem/TmpFS.cpp index 842a241d8a..b60ff4b5ec 100644 --- a/Kernel/FileSystem/TmpFS.cpp +++ b/Kernel/FileSystem/TmpFS.cpp @@ -121,7 +121,7 @@ NonnullRefPtr TmpFSInode::create(TmpFS& fs, InodeMetadata metadata, NonnullRefPtr TmpFSInode::create_root(TmpFS& fs) { InodeMetadata metadata; - metadata.mode = 0040777; + metadata.mode = 0041777; return create(fs, metadata, { fs.fsid(), 1 }); } -- cgit v1.2.3