Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
On Sun, Aug 24, 2008 at 06:44:57PM -0700, Russ Allbery wrote:
> Steve Langasek <email@example.com> writes:
> > The example *is* wrong - the example given is never safe to run, because
> > the only way to verify beforehand that /tmp/zenity is not a symlink to
> > something more important is by first explicitly *creating* your file
> > funder /tmp (non-destructively), then check that it's not a symlink, and
> > *then* run pilot-qof.
> I dunno, I'd feel quite comfortable running that command on my personal
> laptop, which has no other users and no remote login access. /tmp file
> vulnerabilities are only vulnerabilities on multiuser systems. We don't
> know for *packages* whether they'll be installed on multiuser systems, so
> of course we have to fix them regardless, but in examples I think it's
> often reasonable to be sloppier.
Sloppy examples are not a high priority, but I think it's still a bug,
because we should try to set better examples. All kinds of people follow
examples, including some who go on to write scripts that end up packaged
later and run by our users... :)
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/