[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: severity for bugs in ignoring TMP/TMPDIR?

Ben Hutchings writes ("Re: severity for bugs in ignoring TMP/TMPDIR?"):
> A similar change has been implemented
> <https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#Symlink_Protection> and will probably be included in wheezy.

Interesting.  That approach protects the buggy programs, but does not
detect them.

The suggestion I made earlier would break the buggy programs which is
slightly different.  I guess it's just whether we want to try to
detect these bugs so that the software ends up fixed for everyone
(including any Debian users using stock kernels), at the cost of
extra pain for us.


Reply to: