9pfs: fix vulnerability in openat_dir() and local_unlinkat_common()
We should pass O_NOFOLLOW otherwise openat() will follow symlinks and make QEMU vulnerable. While here, we also fix local_unlinkat_common() to use openat_dir() for the same reasons (it was a leftover in the original patchset actually). This fixes CVE-2016-9602. Signed-off-by:Greg Kurz <groug@kaod.org> Reviewed-by:
Daniel P. Berrange <berrange@redhat.com> Reviewed-by:
Eric Blake <eblake@redhat.com> (cherry picked from commit b003fc0d) Signed-off-by:
Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
Loading
Please register or sign in to comment