Bug#287018: apache-common: postinst should fix permissions and ownership of mod-bandwidth directory
Package: apache-common
Version: 1.3.33-6sarge1
Followup-For: Bug #287018
Tags: security
Hi,
New versions of apache-common (1.3.33-6sarge1) already create the
directory /var/lib/apache/mod-bandwidth with NOT world-writable
permissions, so there are no problems with newer Debian installations.
However, if the user upgrades from a previous version of the package, it will
not fix the permissions.
The user can successfully attack the machine by filling the entire hard
disk partition of /var; it will probably be a local denial of service
attack. I'm tagging this bug "security". Please check if the severity
needs to be changed to grave/critical.
I suggest that "postinst" fix these permissions. I tested this issue,
and at least one Debian server is vulnerable too; I wrote data to the
/var/lib/apache/mod-bandwidth/ directory successfully.
Thanks in advance,
Pedro
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Versions of packages apache-common depends on:
ii apache2-utils 2.0.54-5 utility programs for webservers
ii debconf 1.4.30.13 Debian configuration management sy
ii dillo [www-browser] 0.8.3-1 GTK-based web browser
ii elinks [www-browser 0.10.4-7 advanced text-mode WWW browser
ii galeon [www-browser 1.3.20-1 GNOME web browser for advanced use
ii konqueror [www-brow 4:3.3.2-1sarge1 KDE's advanced File Manager, Web B
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-18 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.8-3 XML parsing C library - runtime li
ii links [www-browser] 0.99+1.00pre12-1 Character mode WWW browser
ii lynx [www-browser] 2.8.5-2sarge1 Text-mode WWW Browser
ii mime-support 3.28-1 MIME files 'mime.types' & 'mailcap
ii mozilla-browser [ww 2:1.7.8-1sarge3 The Mozilla Internet application s
hi mozilla-firefox [ww 1.0.4-2sarge3 lightweight web browser based on M
ii perl 5.8.4-8 Larry Wall's Practical Extraction
ii sed 4.1.2-8 The GNU sed stream editor
ii ucf 1.17 Update Configuration File: preserv
ii w3-el-e21 [www-brow 4.0pre.2001.10.27-16 Web browser for GNU Emacs 21
ii w3m [www-browser] 0.5.1-3 WWW browsable pager with excellent
-- debconf information excluded
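As an added example (not part of the bug report or of the apache-common package's own maintainer scripts), the following is the kind of postinst fixup the reporter asks for: on an upgrade from a package version older than 1.3.33-6sarge1 it checks whether /var/lib/apache/mod-bandwidth is still world-writable and, if so, tightens it. The directory path and the fixed version come from the report; the function names, the 0755 mode and the www-data owner are assumptions, and the owner is only applied when one is passed in.

```shell
#!/bin/sh
# Added example: idempotent permission fixup in the style of a Debian postinst.
# Nothing here is taken from the real apache-common maintainer scripts.

MOD_BANDWIDTH_DIR="${MOD_BANDWIDTH_DIR:-/var/lib/apache/mod-bandwidth}"
FIXED_VERSION="1.3.33-6sarge1"   # first version that creates the directory safely

# Return 0 when the directory exists and its "other" bits include write
# (the state that lets any local user fill /var). Uses GNU stat (Debian).
is_world_writable() {
    dir="$1"
    [ -d "$dir" ] || return 1
    mode=$(stat -c '%a' "$dir")       # e.g. 777 or 1777
    other=${mode#"${mode%?}"}         # last octal digit = permissions for "other"
    case "$other" in
        2|3|6|7) return 0 ;;          # write bit set for other
        *)       return 1 ;;
    esac
}

# Tighten the directory: 0755, and chown to "$2" when an owner is given.
# Safe to run repeatedly; does nothing when the directory is already fine.
fix_mod_bandwidth_perms() {
    dir="$1"
    owner="${2:-}"
    [ -d "$dir" ] || return 0
    if is_world_writable "$dir"; then
        chmod 0755 "$dir" || return 1
        if [ -n "$owner" ]; then
            chown "$owner" "$dir" || return 1
        fi
    fi
    return 0
}

# Return 0 when the fixup should run for this configure call.
# $1 is the previously installed version as dpkg passes it to postinst
# ("" on a fresh install). Without dpkg (e.g. outside Debian) be conservative
# and run the check anyway; the fixup is idempotent.
needs_fixup() {
    old="${1:-}"
    [ -n "$old" ] || return 1                    # fresh install: already correct
    command -v dpkg >/dev/null 2>&1 || return 0
    dpkg --compare-versions "$old" lt "$FIXED_VERSION"
}

# postinst entry point: "configure <old-version>" is what dpkg invokes.
postinst_configure() {
    if needs_fixup "${1:-}"; then
        # www-data as owner is an assumption for apache 1.3; adjust as needed.
        fix_mod_bandwidth_perms "$MOD_BANDWIDTH_DIR" "www-data"
    fi
}

case "${1:-}" in
    configure) postinst_configure "${2:-}" ;;
esac
```

Invoked as `postinst configure 1.3.33-6` it repairs the directory left behind by an older package, while `postinst configure` with no old version (a fresh install) does nothing, because the new package already creates the directory with safe permissions.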