rsnapshot -- local privilege escalation

2005-04-10T00:00:00
ID 8C5AD0CF-BA37-11D9-837D-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2005-04-10T00:00:00

Description

An rsnapshot Advisory reports:

The copy_symlink() subroutine in rsnapshot incorrectly changes file ownership on the files pointed to by symlinks, not on the symlinks themselves. This would allow, under certain circumstances, an arbitrary user to take ownership of a file on the main filesystem.