
Bug#1050289: Predictable temporary directory and file names and insufficient error checking



Package: sitesummary
Version: 0.1.54

sitesummary-client runs during boot and via cronjob with superuser privileges.
It creates a directory with a predictable naming scheme: /tmp/sitesummary-<PID>.

Due to insufficient error checking, a user can pre-create directories,
which will then prevent its creation and prevent the script from changing the
current working directory before creating lots of temporary files. In case of
a cronjob the current working directory will be /root and during boot it will
be /. Thus during boot a tar file of the root directory will be created on /tmp
which may fill up the /tmp or root partition depending on disk size and
partition scheme.

Furthermore, the script will create the tar file following the same naming
scheme /tmp/sitesummary-<PID>.tar.gz which in the absence of kernel symlink
protection allows for symlink attacks.

-- 
Guido Berhoerster
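
The failure mode described above next to a checked alternative, as an added example that is not part of the original report and not sitesummary-client's own code. `fragile_cwd` is a constructed model of the reported behaviour; the function names and the collected file are assumptions.

```shell
#!/bin/sh
# Added illustration; a constructed model, not sitesummary-client's code.

# Fragile pattern: PID-derived name, and a failed mkdir is not treated as fatal.
# Prints the directory in which the following file writes would happen.
fragile_cwd() {
    (
        mkdir "$1/sitesummary-$2" 2>/dev/null && cd "$1/sitesummary-$2"
        pwd -P
    )
}

# Checked pattern: mktemp -d picks an unpredictable name and creates the
# directory atomically with mode 0700; it never reuses an existing path.
checked_workdir() {
    mktemp -d "$1/sitesummary-XXXXXXXXXX"
}

# Do all work, including the archive, inside the private directory and stop
# at the first failed step instead of continuing in the inherited cwd.
# Prints the archive path on success.
collect_summary() {
    workdir=$(checked_workdir "$1") || { echo "cannot create work dir" >&2; return 1; }
    (
        cd "$workdir" || exit 1
        mkdir data || exit 1
        uname -a > data/uname.txt || exit 1   # stand-in for the collected files
        tar -czf summary.tar.gz data || exit 1
    ) || { rm -rf "$workdir"; return 1; }
    printf '%s\n' "$workdir/summary.tar.gz"
}
```

With a pre-existing /tmp/sitesummary-<PID>, the fragile variant keeps working in whatever directory it inherited, while the checked variant either gets a fresh private directory or stops.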

