Let's put all subtleties about Unix directories to the side. Zoom wanted to change the permissions of a file so that only root could access it. The obviously correct way to do that is to simply change the permissions of the file.
Even if their solution of putting the file in a root dir worked the way they expected, it would be a circuitous and hacky solution.
> sounds like a lot of reliance on people knowing and wanting to do the right thing?
At a certain point, people need to have basic knowledge. There's a lock on your front door. It does not lock when you turn your lights off. The lock maker is not responsible if you expected it to.
> The obviously correct way to do that is to simply change the permissions of the file.
Obvious, but incorrect. As pointed out elsewhere, the permission check is done when a process opens a file, not when it performs read/write operations. So, an attacker could get a legitimate file, open in for writes, trigger the zoom update on it, zoom would then change the permissions to prevent writes, and then the attacker could modify the file using its already-open file handle.
Let's put all subtleties about Unix directories to the side. Zoom wanted to change the permissions of a file so that only root could access it. The obviously correct way to do that is to simply change the permissions of the file.
Even if their solution of putting the file in a root dir worked the way they expected, it would be a circuitous and hacky solution.
> sounds like a lot of reliance on people knowing and wanting to do the right thing?
At a certain point, people need to have basic knowledge. There's a lock on your front door. It does not lock when you turn your lights off. The lock maker is not responsible if you expected it to.