diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/manual/rl-next/fchmodat2-sandbox.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/manual/rl-next/fchmodat2-sandbox.md b/doc/manual/rl-next/fchmodat2-sandbox.md new file mode 100644 index 000000000..82429a93d --- /dev/null +++ b/doc/manual/rl-next/fchmodat2-sandbox.md @@ -0,0 +1,8 @@ +--- +synopsis: Creating setuid/setgid binaries with fchmodat2 is now prohibited by the build sandbox +prs: 10501 +--- + +The build sandbox blocks any attempt to create setuid/setgid binaries, but didn't check +for the use of the `fchmodat2` syscall which was introduced in Linux 6.6 and is used by +glibc >=2.39. This is fixed now. |