sendnrw/netbird-docs
2
0
Fork 0
mirror of https://github.com/netbirdio/docs.git synced 2026-04-16 15:36:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix dangerous ownership

Browse Source 
This patch fixes a common mistake with manually installed software, which adds the software, in a system-wide installation path, but leave it owned to the user. If an admin start to execute this binary, it's wonderful privilege escalation vector.

This patch resolves the problem by chowning it first, and therefore require root privileges to manipulate the file, resolving the potential attack vector.
This commit is contained in:
Sheogorath
2022-11-08 03:16:50 +01:00
committed by GitHub
parent bac086c3af
commit b7c8629b4f
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/getting-started/installation.md
View File

@@ -128,7 +128,8 @@ You need to replace some variables from the URL above:
```bash
tar xcf ./netbird_<VERSION>.tar.gz
sudo mv netbird /usr/bin/netbird
chmod +x /usr/bin/netbird
sudo chown root:root /usr/bin/netbird
sudo chmod +x /usr/bin/netbird
```
After that you may need to add /usr/bin in your PATH environment variable:
````bash