On 2020-07-16 19:10, Michael Orlitzky via clamav-users wrote: > > Micah: openat() only provides "one level of safety" in that when opening > /foo/bar/baz, it ensures that "baz" is where you think it is. You may > want to investigate whether or not an attacker can replace "bar" by a > symlink in that situation.
False alarm, I guess this is the problem that was reported because the fix already traverses the path from the root upwards. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
