Bug#286379: lintian: Insecure temporary directory usage
On Tue, Dec 21, 2004 at 01:18:27AM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:
> _However_ if it does not exist the lab is created, if the user has a
> "insecure" umask (002) you will end up being prey to symlink attacks due
> to a race condition check this (when setting up the lab):
If you have a umask of 002 you can expect people of the same group to
do nasty things with you... Isn't that the whole point of umask? If I
set umask of 0, I'll be vulnerable too, to a whole lot of issues.
> So what you have here is a race condition because of temporary
> files. Granted, this only happens when you have a lax umask, but it could
> be prevented either by using a proper function to create temporary
> directories (tempdir() will set them up mode 700) or by restricting the
> umask to 0700 when creating the temporary directories in Lab::setup().
No need to extra-restrict IMHO, I don't think one should restrict
permissions above what's needed according to the user. On systems where
I have a 02 umask, I *intent* for users of the same group to be able
to write to all the stuf I do. If that's not intended, well, don't have
a 02 umask.
> I did not properly assess the issue in the initial report, but I still
> believe that Lintian has a security bug which introduces a hole under
> some conditions and that could be easily fixed.
I, and with me one other lintian maintainer I consulted, still don't
think this is a security bug (the different issue w.r.t. removing files
however still stands).
> PS: Yes, version was 1.23.3, blame it on opening up multiple bug reports at
> 1 am
Thought something like that :), n/p.
--Jeroen
--
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
Reply to: