
Re: [Bacula-devel] Debian Bacula vuln

* Adam Thornton wrote on 09.12.08 at 16:36:
> On Dec 9, 2008, at 9:19 AM, Dan Langille wrote:
> > "The possibility of attack with the help of symlinks in some Debian
> > packages"
> >
> > I heard about the first URL, which leads to the other two:
> >
> >
> > http://web.nvd.nist.gov/view/vuln/detail?execution=e4s1
> > http://lists.debian.org/debian-devel/2008/08/msg00347.html
> > http://uvw.ru/report.sid.txt
> >
> > Short version: It's a packaging problem, not a Bacula problem but I
> > have not confirmed this.
> It's the same problem that's existed forever on Unix systems.
> Basically, if you write a file into /tmp, well, anyone can write into
> /tmp, so if they get there first and create a symlink using the
> filename you're going to open and write, then you're writing to
> something they control.

That's why you always should use things like mktemp so that your
filenames in tmp will not be predictable.

8AAC 5F46 83B4 DB70 8317  3723 296C 6CCA 35A6 4134
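
Added example, not part of the original message or of any Debian or Bacula script: a shell sketch of the symlink problem described in this thread and of the mktemp fix, run entirely inside a private sandbox directory. The names `myjob.tmp`, `important.conf` and all function names are hypothetical.

```shell
#!/bin/sh
# Constructed demo: everything happens in a private sandbox, not the real /tmp.

# Build a sandbox with a stand-in shared directory and a file worth protecting.
# A symlink already sits at the predictable name, as if another local user
# had created it before our script ran.
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir "$sb/tmp"
    echo "original" > "$sb/important.conf"
    ln -s "$sb/important.conf" "$sb/tmp/myjob.tmp"
    printf '%s\n' "$sb"
}

# Unsafe: fixed, guessable name; the shell's ">" follows the existing symlink.
write_unsafe() {
    echo "job data" > "$1/tmp/myjob.tmp"
}

# Safe: mktemp picks a random suffix and creates the file exclusively
# (mode 0600), so it cannot land on a link that is already there.
write_safe() {
    f=$(mktemp "$1/tmp/myjob.XXXXXXXXXX") || return 1
    echo "job data" > "$f"
}

# Each demo prints what the protected file contains after the write.
demo_unsafe() {
    sb=$(make_sandbox) || return 1
    write_unsafe "$sb"
    cat "$sb/important.conf"
    rm -rf "$sb"
}

demo_safe() {
    sb=$(make_sandbox) || return 1
    write_safe "$sb"
    cat "$sb/important.conf"
    rm -rf "$sb"
}

echo "after predictable-name write: $(demo_unsafe)"
echo "after mktemp write:           $(demo_safe)"
```

When reviewing maintainer scripts, any redirection to a fixed path under /tmp is the pattern to look for; `mktemp -d` gives a private directory when several temporary files are needed.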

Bacula-devel mailing list
