On 14.06.2011 at 10:12, M. Mohan Kumar wrote:

[RFC PATCH] virtio-9p: Use clone approach to fix TOCTOU vulnerability

Subject doesn't need to be duplicated.

In passthrough security model, following a symbolic link in the server
side could result in TOCTTOU vulnerability.

TOCTOU or TOCTTOU? Don't know what either is, so probably others too - that acronym could use an explanation or link to CVE/etc.

Andreas

Use clone system call to create a thread which runs in chrooted
environment. All passthrough model file operations are done from this
thread to avoid TOCTTOU vulnerability.

Signed-off-by: Venkateswararao Jujjuri <jv...@linux.vnet.ibm.com>
Signed-off-by: M. Mohan Kumar <mo...@in.ibm.com>
---
[...]
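For readers with the same question about the acronym: TOCTTOU (time of check to time of use) here means a path is checked for symlinks and then looked up again for the actual operation, so it can be swapped in between. The following C sketch is an added example, not code from the patch or from QEMU, and it does not use the patch's clone/chroot approach; it closes the same race a different way, by resolving each path component with `openat()` and `O_NOFOLLOW`. The names `open_beneath` and `demo` and the temporary directory layout are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Open relative `path` beneath rootfd without following any symlink. Each
 * component is resolved by openat() on an already-open directory fd, so no
 * check is separated from its use by a second path lookup. */
int open_beneath(int rootfd, const char *path, int flags)
{
    char buf[4096], *save = NULL, *comp, *next;
    int dirfd, fd, err;
    if (strlen(path) >= sizeof(buf)) { errno = ENAMETOOLONG; return -1; }
    strcpy(buf, path);
    if (!(comp = strtok_r(buf, "/", &save))) { errno = EINVAL; return -1; }
    if ((dirfd = dup(rootfd)) < 0) return -1;
    for (;; comp = next, dirfd = fd) {
        next = strtok_r(NULL, "/", &save);
        if (!strcmp(comp, "..")) { close(dirfd); errno = EACCES; return -1; }
        /* O_NOFOLLOW: a symlink in this position makes openat() fail. */
        fd = openat(dirfd, comp, O_NOFOLLOW | O_CLOEXEC |
                    (next ? O_RDONLY | O_DIRECTORY : flags));
        err = errno;            /* close() below may overwrite errno */
        close(dirfd);
        if (fd < 0) { errno = err; return -1; }
        if (!next) return fd;   /* last component: hand the fd to the caller */
    }
}

/* Constructed demo: export dir with a real file and a symlink pointing out of
 * it. Bitmask result: 1 = file opened, 2 = symlink refused, 4 = ".." refused. */
int demo(void)
{
    char root[] = "/tmp/toctou-demo-XXXXXX";
    int rootfd, fd, r = 0;
    if (!mkdtemp(root) || (rootfd = open(root, O_RDONLY | O_DIRECTORY)) < 0) return -1;
    if ((fd = openat(rootfd, "data.txt", O_CREAT | O_WRONLY, 0600)) >= 0) close(fd);
    if (symlinkat("/etc/passwd", rootfd, "link") < 0) return -1;
    if ((fd = open_beneath(rootfd, "data.txt", O_RDONLY)) >= 0) { r |= 1; close(fd); }
    if (open_beneath(rootfd, "link", O_RDONLY) < 0 && errno == ELOOP) r |= 2;
    if (open_beneath(rootfd, "../etc/passwd", O_RDONLY) < 0 && errno == EACCES) r |= 4;
    unlinkat(rootfd, "data.txt", 0); unlinkat(rootfd, "link", 0);
    close(rootfd); rmdir(root);
    return r;
}
int main(void) { printf("demo mask: %d\n", demo()); return 0; }
```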

