From b7c8629b4f6bd37e4b91931beb899aa6b0d9b099 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Tue, 8 Nov 2022 03:16:50 +0100
Subject: [PATCH] Fix dangerous ownership

This patch fixes a common mistake with manually installed software, which adds the software, in a system-wide installation path, but leave it owned to the user. If an admin start to execute this binary, it's wonderful privilege escalation vector.

This patch resolves the problem by chowning it first, and therefore require root privileges to manipulate the file, resolving the potential attack vector.
---
 docs/getting-started/installation.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/getting-started/installation.md b/docs/getting-started/installation.md
index a4fda525..f04af1e5 100644
--- a/docs/getting-started/installation.md
+++ b/docs/getting-started/installation.md
@@ -128,7 +128,8 @@ You need to replace some variables from the URL above:
   ```bash
   tar xcf ./netbird_<VERSION>.tar.gz
   sudo mv netbird /usr/bin/netbird
-  chmod +x /usr/bin/netbird
+  sudo chown root:root /usr/bin/netbird
+  sudo chmod +x /usr/bin/netbird
   ```
 After that you may need to add /usr/bin in your PATH environment variable:
   ````bash