Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability

To: Joey Hess <joeyh@debian.org>, debian-security-private@lists.debian.org, debian-security@lists.debian.org
Subject: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
From: Josip Rodin <joy@cibalia.gkvk.hr>
Date: Fri, 17 Nov 2000 15:26:04 +0100
Message-id: <[🔎] 20001117152604.C11320@cibalia.gkvk.hr>
In-reply-to: <20001116232115.L11209@kitenet.net>; from joeyh@debian.org on Thu, Nov 16, 2000 at 11:21:15PM -0800
References: <20001116232115.L11209@kitenet.net>

On Thu, Nov 16, 2000 at 11:21:15PM -0800, Joey Hess wrote:
> Package: joe
> Version: 2.8
> Severity: important
> 
>  FILE *f=fopen("DEADJOE","a");
> 
> Looks vulnerable indeed. Amusingly Debian has already patched right
> abve this line to not make the DEADJOE file mode 755, to prevent
> sensitive data (/etc/shadow) leakage. We were so close..

Oh well :(

The fix would be to use open(2) and set the O_EXCL flag so it bails out?

I'd like some security person to make a patch or even better a whole potato
NMU, because I don't feel up to the task.

-- 
Digital Electronic Being Intended for Assassination and Nullification

Reply to:

Follow-Ups:
- Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
  - From: Colin Phipps <cph@netcraft.com>

Prev by Date: Re: vixie cron... (fwd)
Next by Date: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
Previous by thread: Re: vixie cron... (fwd)
Next by thread: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
Index(es):
- Date
- Thread