summaryrefslogtreecommitdiff
path: root/posts/2019/42/en_US.md
diff options
context:
space:
mode:
Diffstat (limited to 'posts/2019/42/en_US.md')
-rw-r--r--posts/2019/42/en_US.md11
1 files changed, 11 insertions, 0 deletions
diff --git a/posts/2019/42/en_US.md b/posts/2019/42/en_US.md
index ed97d53..1037575 100644
--- a/posts/2019/42/en_US.md
+++ b/posts/2019/42/en_US.md
@@ -1 +1,12 @@
+synopsis: guix-daemon security issue
---
+
+### Highlights
+
+#### Insecure `/var/guix/profiles/per-user` permissions.
+
+On a multi-user system, this allowed a malicious user to create and
+populate that `$USER` sub-directory for another user that had not yet
+logged in. Since `/var/.../$USER` is in `$PATH`, the target user
+could end up running attacker-provided code. See [issue
+37744](https://issues.guix.gnu.org/issue/37744) for more information.