[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Risk of local privilege escalation via guix-daemon

From: Leo Famulari
Subject: Risk of local privilege escalation via guix-daemon
Date: Thu, 18 Mar 2021 13:34:12 -0400


A security vulnerability that can lead to local privilege escalation has
been found in the `guix-daemon`. It affects multi-user setups in which
`guix-daemon` runs locally.

This bug has been fixed.

More information is available on the Guix blog:


The attack consists in having an unprivileged user spawn a build process, for
instance with `guix build`, that makes its build directory world-writable.  The
user then creates a hardlink to a root-owned file such as `/etc/shadow` in that
build directory.  If the user passed the `--keep-failed` option and the build
eventually fails, the daemon changes ownership of the whole build tree,
including the hardlink, to the user.  At that point, the user has write access
to the target file.


On multi-user systems, we recommend upgrading the `guix-daemon` now.

To upgrade the daemon on Guix System, run:

guix pull
sudo guix system reconfigure /run/current-system/configuration.scm
sudo herd restart guix-daemon

On other distros, use something like this:

sudo --login guix pull
sudo systemctl restart guix-daemon.service


Please report any issues you may have to <>.

On behalf of the Guix team,
Leo Famulari

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]