
Bug#697190: unblock: virtuoso-opensource/6.1.4+dfsg1-2



Hi,

José Manuel Santamaría Lema wrote (02 Jan 2013 20:22:43 GMT) :
> intrigeri <intrigeri@debian.org>
>> From a remote point-of-view, this is worrying:  do you mean something
>> during the installation will access or create a file with a fixed name
>> in /tmp?

> Yes.

>> May it have security implications?

> Unfortunately, yes. See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576418

I'm tagging that one "security".

It's annoying, but yet another kind of security concern than the one
I was afraid of and referring to... when using such predictable names,
in many cases an attacker could overwrite any existing file on the
system with the permissions of the process that wants to create the
file. I doubt the /tmp/virt_1111 thing is immune to this class of
attacks. Is it? Any very good reason to *both* 1. use a predictable
name; and 2. use /tmp rather than a dedicated directory only writable
by users that should access this file?

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
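The class of problem intrigeri describes (a fixed, predictable name in a world-writable /tmp, where a pre-existing entry such as a symlink is silently written through) is usually fixed by creating the file exclusively and never following links, or better, by keeping it in a private directory. The following is an added illustration written for this page, not code from the virtuoso-opensource package or from anyone in the thread; the function names, the sandbox directory standing in for /tmp, and the "virt_1111" name reused as a stand-in are all constructed for the example.

```python
import os
import stat
import tempfile

# Hardened replacement for a plain open("/tmp/virt_1111", "w"): create the
# file only if nothing exists at that path yet (O_EXCL), never follow a
# symlink that already sits there (O_NOFOLLOW), and use owner-only mode.
def create_exclusive(path, data=b""):
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o600)
    except FileExistsError:
        # A stale file or a symlink placed by another local user already
        # occupies the name: refuse instead of writing through it.
        return None
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

# Preferred shape: an unpredictable, owner-only (0700) directory under the
# temp root, so other users cannot even reach the file's name.
def create_private_tmpfile(data=b"", base_dir=None):
    private_dir = tempfile.mkdtemp(prefix="virt.", dir=base_dir)  # mode 0700
    fd, path = tempfile.mkstemp(dir=private_dir)  # random name, O_EXCL, 0600
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

# Check a practitioner would run on the result: the parent directory must be
# a real directory owned by us with no group/other permission bits.
def is_private_dir(path):
    st = os.lstat(os.path.dirname(path))
    return (stat.S_ISDIR(st.st_mode)
            and stat.S_IMODE(st.st_mode) == 0o700
            and st.st_uid == os.getuid())

def demo():
    # Constructed sandbox standing in for /tmp so the demo touches nothing real.
    sandbox = tempfile.mkdtemp(prefix="sandbox.")
    victim = os.path.join(sandbox, "victim.conf")
    with open(victim, "w") as f:
        f.write("original\n")
    # A symlink already present at the fixed, predictable name.
    fixed = os.path.join(sandbox, "virt_1111")
    os.symlink(victim, fixed)
    refused = create_exclusive(fixed, b"new contents\n") is None
    with open(victim) as f:
        untouched = f.read() == "original\n"
    private = create_private_tmpfile(b"state\n", base_dir=sandbox)
    return {"refused": refused, "victim_untouched": untouched,
            "private_ok": is_private_dir(private)}

if __name__ == "__main__":
    print(demo())
```

Both halves answer the two questions in the mail: `create_exclusive` removes the "write through whatever is already there" behaviour even if the name stays fixed, and `create_private_tmpfile` removes the predictable name and the shared directory at the same time, which is the combination to prefer when the file need only be reached by the creating user.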

