Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
syscall: check correct group in Faccessat
# AWS EKS Backported To: go-1.15.15-eks Backported On: Thu, 22 Sept 2022 Backported By: [email protected] Backported From: release-branch.go1.17 EKS Patch Source Commit: danbudris@a4d1586 Upstream Source Commit: golang@04781d1 Fixes: CVE-2022-29526 # Original Information The Faccessat call checks the user, group, or other permission bits of a file to see if the calling process can access it. The test to see if the group permissions should be used was made with the wrong group id, using the process's group id rather than the file's group id. Fix this to use the correct group id. No test since we cannot easily change file permissions when not running as root and the test is meaningless if running as root. For golang#52313 Fixes golang#52439 Change-Id: I4e2c84754b0af7830b40fd15dedcbc58374d75ee Reviewed-on: https://go-review.googlesource.com/c/go/+/399539 Reviewed-by: Ian Lance Taylor <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> (cherry picked from commit f66925e) Reviewed-on: https://go-review.googlesource.com/c/go/+/401078 Auto-Submit: Tatiana Bradley <[email protected]> Run-TryBot: Tatiana Bradley <[email protected]> Run-TryBot: Damien Neil <[email protected]> Auto-Submit: Damien Neil <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]>
- Loading branch information