Re: Bug#852172: dpkg: insecure use of temp file when upgrading conf file
On Sun, Jan 22, 2017 at 01:50:29PM +0100, Ben wrote:
> what if then I decide to mv it to replace mine ?
That will probably cause ucf to fail; the temporary file is only meant
as input to ucf. ucf then tends to leave .ucf-* files around if it had
to do anything complicated.
> what was wrong with the previous scheme (write the packaged version of the
> file within the same directory) ?
No, the previous scheme was in fact to not keep sshd_config up to date
at all, except for some manual adjustments made by ad-hoc perl scripts
in the postinst. This had any number of things wrong with it.
> I'm not a security expert, if you say it's safe and there's nothing to
> worry about, that's fine with me.
It's safe and there's nothing to worry about. :-) In fact sshd_config
is normally world-readable (and it is thus on all my systems); an
installation with particularly complicated authorisation rules that they
want to keep secret might want to restrict its permissions, but
otherwise it isn't a problem.
Closing the bug with this message.
Thanks,
--
Colin Watson [cjwatson@debian.org]
Reply to: