Bug#3099: /etc/cron.daily/standard security hole
Package: cron
Version: 3.0pl1-31
Please comment out the "find ... | xargs rm" type lines in the
/etc/cron.daily/standard script intended to remove old files from
/tmp and /var/tmp. A clever user might trick it into removing
ANY file as root. See the recent posting from Zygo Blaxell
<zblaxell@myrus.com> on the linux-security mailing list for more
information, how to exploit etc. It is probably important to
fix it before the release...
Also check out the perl script which might be used to remove old
files when disk space is low, and does it in a more secure way.
http://www.ultratech.net/~zblaxell/admin_utils/filereaper.txt
Regards,
Marek
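The report's concern is the `find ... | xargs rm` pattern run as root over a world-writable tree, where file names under the caller's control reach `rm` through a whitespace-separated text pipe. The function below is an added example, not code from the bug report or from the cron package: it passes NUL-terminated paths so every name arrives at `rm` as exactly one argument, confines the walk to one filesystem, removes only regular files, and refuses anything but an absolute directory. The function name `reap_old_files` and its parameters are assumptions for this illustration.

```shell
#!/bin/sh
# Added example (not from the bug report or the cron package): a more
# careful "remove old files from a tmp tree" routine.
#
#   reap_old_files DIR DAYS
#
# Deletes regular files under DIR whose modification time is older than
# DAYS days. Paths are NUL-separated between find and xargs so that names
# containing spaces or other unusual characters are never split or joined
# into something other than the file they name.
set -u

reap_old_files() {
    dir=$1
    days=$2

    # Only operate on an existing directory given as an absolute path, so a
    # stray relative argument cannot point the sweep at the cwd.
    case $dir in
        /*) ;;
        *) echo "reap_old_files: directory must be an absolute path" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "reap_old_files: not a directory: $dir" >&2; return 2; }

    # -xdev     : never cross into another filesystem mounted below DIR
    # -mindepth : never consider DIR itself
    # -type f   : regular files only (no directories, no symlinks)
    # -print0/-0: NUL-terminated names, one argument per file
    # -r        : do not invoke rm at all when nothing matched
    # --        : a name starting with "-" is still a file, not an rm option
    find "$dir" -xdev -mindepth 1 -type f -mtime +"$days" -print0 \
        | xargs -0 -r rm -f --
}

# Usage (not executed here):  reap_old_files /var/tmp 7
```

On GNU find, `find "$dir" -xdev -mindepth 1 -type f -mtime +"$days" -delete` removes the pipe altogether and deletes each entry relative to the directory it was found in, which also closes the window between the time `find` lists a path and the time `rm` unlinks it; the `xargs -0` form above is the portable fallback that keeps the structure of the original script.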