Bug#286379: Lintian insecure removal bug (#286379)
On Tue, Dec 21, 2004 at 03:26:12PM +0100, Martin Schulze wrote:
> I haven't verified that this code is executed for each lintian execution.
> However, if it is, then it's an issue since the process does not fail if
> mkdir fails, instead the directory is used.
This is simply not true, see [1]. This code is executed every lintian
invocation, but a failing mkdir _will_ abort lintian.
The current discussion is about whether or not it is okay for lintian to
use a directory made with current umask, since for example an umask of
02 would render you vulnerable to attacks by members of the same
group[2].
In my opinion, this is a user error: having a 02 umask with
untrusted members of the same group[3]. The bug submitter
disagrees[4].
Sorry for the mess that this buglog is, at the moment...
--Jeroen
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286379&msg=12
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286379&msg=24
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286379&msg=27
[4] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286379&msg=36
--
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
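As an added illustration of the point under discussion, not lintian's own code: a mkdir without an explicit mode, whose result depends on the caller's umask, beside one that asks for 0700 and verifies what it got. The scratch tree, directory names and the sample umasks are constructed for the example.

```python
import os
import shutil
import stat
import tempfile


def mode_of(path):
    """Permission bits (rwx only) of path, without following symlinks."""
    return stat.S_IMODE(os.lstat(path).st_mode) & 0o777


def umask_dependent_mkdir(path):
    """The pattern under discussion: mkdir with no explicit mode, so the
    directory gets whatever the caller's umask leaves of 0777.
    FileExistsError propagates; a pre-existing directory is never reused."""
    os.mkdir(path)
    return mode_of(path)


def private_mkdir(path):
    """Create a 0700 work directory regardless of umask and verify it.
    umask can only clear permission bits, so 0700 is an upper bound that
    survives any umask; the checks catch a symlink or a foreign directory."""
    os.mkdir(path, 0o700)
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode) or st.st_uid != os.getuid():
        raise RuntimeError(f"{path}: not a directory owned by this user")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise RuntimeError(f"{path}: writable by group or others")
    return stat.S_IMODE(st.st_mode) & 0o777


def shared_writable(mode):
    """True if group or others could create entries in a dir with this mode."""
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))


def compare_under_umask(umask):
    """Create a scratch tree (constructed here, removed afterwards) and run
    both strategies under `umask`. Returns (umask-dependent mode, private mode)."""
    base = tempfile.mkdtemp(prefix="lab-demo-")
    old = os.umask(umask)
    try:
        dep = umask_dependent_mkdir(os.path.join(base, "default"))
        priv = private_mkdir(os.path.join(base, "private"))
    finally:
        os.umask(old)
        shutil.rmtree(base)
    return dep, priv


if __name__ == "__main__":
    for um in (0o022, 0o002):
        dep, priv = compare_under_umask(um)
        print(f"umask {um:03o}: default mkdir -> {dep:04o} "
              f"(shared-writable: {shared_writable(dep)}), explicit -> {priv:04o}")
```

With umask 02 the default mkdir yields 0775, i.e. group-writable, while the explicit form stays 0700 under either umask.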