[clamav-users] Problems compiling 0.102.4 on OLD system
Micah Snyder (micasnyd)
micasnyd at cisco.com
Fri Jul 17 19:38:26 UTC 2020
No worries Michael! Yes we're doing traversal from root to avoid that issue. :-)
Kevin: Any chance you can upgrade those old systems? We try to support roughly the last 2 LTS releases for major distros / operating systems but don't have time to go out of our way to maintain compatibility with really old systems.
If you or someone else wants to craft a patch to maintain compatibility with those older systems and can submit a PR on Github, we'd be happy to test it & integrate it -- provided it doesn't break other things.
-Micah
On 7/16/20, 4:24 PM, "clamav-users on behalf of Michael Orlitzky via clamav-users" <clamav-users-bounces at lists.clamav.net on behalf of clamav-users at lists.clamav.net> wrote:
On 2020-07-16 19:10, Michael Orlitzky via clamav-users wrote:
>
> Micah: openat() only provides "one level of safety" in that when opening
> /foo/bar/baz, it ensures that "baz" is where you think it is. You may
> want to investigate whether or not an attacker can replace "bar" by a
> symlink in that situation.
False alarm, I guess this is the problem that was reported because the
fix already traverses the path from the root upwards.
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list