Vigil@nce - Linux kernel: changing GFS2 ACL
July 2010 by Marc Jacob
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker can change ACLs of GFS2 files, in order to access
to them.
Severity: 2/4
Creation date: 09/07/2010
DESCRIPTION OF THE VULNERABILITY
The Linux kernel supports GFS/GFS2 (Global File System).
The fs/gfs2/acl.c file manages ACLs (Access Control List) on GFS2
files. However, a user can alter ACLs on all files, even if he’s
not the owner of the file.
A local attacker can therefore change ACLs of GFS2 files, in order
to access to them.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-changing-GFS2-ACL-9749