On Wed, Dec 03, 2025 at 02:16:29PM +0100, Bernd Edlinger wrote: > Hmm, yes, that looks like an issue. > > I would have expected the security engine to look at bprm->filenanme > especially in the case, when bprm->interp != bprm->filename, > and check that it is not a sym-link with write-access for the > current user and of course also that the bprm->file is not a regular file > which is writable by the current user, if that is the case I would have > expected > the secuity engine to enforce non-new-privs on a SUID executable somehow.
Check that _what_ is not a symlink? And while we are at it, what do write permissions to any symlinks have to do with anything whatsoever?
