[Midnightbsd-cvs] [MidnightBSD/src] 75e37e: prowld.8: document /tmp/prowld fallback safety che...
Lucas Holt
noreply at github.com
Sun Apr 19 00:20:02 EDT 2026
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 75e37eefad7bda0fd1acda38bdb537429c806e63
https://github.com/MidnightBSD/src/commit/75e37eefad7bda0fd1acda38bdb537429c806e63
Author: Lucas Holt <luke at foolishgames.com>
Date: 2026-04-19 (Sun, 19 Apr 2026)
Changed paths:
M sbin/prowld/prowld.8
Log Message:
-----------
prowld.8: document /tmp/prowld fallback safety checks and fatal refusal
The READ-ONLY MEDIA section previously said prowld "falls back to
/tmp/prowld" with no further detail. Expand it to describe the
secure_mkdir() validation applied to both the primary and fallback
run directories: the existing entry must be a real directory (not a
symlink), owned by root (uid 0), and have no group or other write bits.
Note that a fallback directory that fails these checks causes an
immediate fatal exit rather than operating under an attacker-controlled
path, and explain the symlink-redirect attack that this prevents.
AI-Assisted-by: Claude Sonnet 4.6
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list