Improper POSIX Hard Links in GuixSD: Violation of Security Assumption
CVE-2017-1000455 · LOW Severity
AV:L/AC:L/AU:N/C:N/I:P/A:N
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix.
Learn more about our Web Application Penetration Testing UK.