Never follow links in path-based chown()

This is basically a leftover from the initial conversion to the *at() family in commit 1bab34c6e45c549c7829e469ba35bdececbb84e8 - the logic was already there and only converted to the *at() form. But this is not only potentially insecure (remember all those symlink CVEs) but also wrong simply because it's inconsistent with the other metadata ops which never follow links in path-based mode. (cherry picked from commit 3a3e10b9813bdfc4223aedc82292386a50510b04)
author: Panu Matilainen <pmatilai@redhat.com> 2023-01-13 10:16:35 +0200
committer: Michal Domonkos <mdomonko@redhat.com> 2023-03-13 15:32:25 +0100
commit: 1c169a4089c3d08069651a33a20be67f26cfbfc4 (patch)
tree: 7df052a8b03693b9b110833fba30abbdfc14a99b
parent: 8b5cce9a68f93a3b7826a9de6547341855e9dfe2 (diff)
download: rpm-1c169a4089c3d08069651a33a20be67f26cfbfc4.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/fsm.c b/lib/fsm.c
index d8bf82a6d..e144a03d8 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -558,7 +558,7 @@ static int fsmChown(int fd, int dirfd, const char *path, mode_t mode, uid_t uid,
 	    }
 	}
     } else {
-	int flags = S_ISLNK(mode) ? AT_SYMLINK_NOFOLLOW : 0;
+	int flags = AT_SYMLINK_NOFOLLOW;
 	rc = fchownat(dirfd, path, uid, gid, flags);
 	if (rc < 0) {
 	    struct stat st;
author	Panu Matilainen <pmatilai@redhat.com>	2023-01-13 10:16:35 +0200
committer	Michal Domonkos <mdomonko@redhat.com>	2023-03-13 15:32:25 +0100
commit	1c169a4089c3d08069651a33a20be67f26cfbfc4 (patch)
tree	7df052a8b03693b9b110833fba30abbdfc14a99b
parent	8b5cce9a68f93a3b7826a9de6547341855e9dfe2 (diff)
download	rpm-1c169a4089c3d08069651a33a20be67f26cfbfc4.tar.gz