Bug#795600: /usr/lib/apt/solvers/dump: insecure use of /tmp

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#795600: /usr/lib/apt/solvers/dump: insecure use of /tmp
From: Jakub Wilk <jwilk@debian.org>
Date: Sat, 15 Aug 2015 17:34:20 +0200
Message-id: <[🔎] 20150815153420.GA452@jwilk.net>
Reply-to: Jakub Wilk <jwilk@debian.org>, 795600@bugs.debian.org
In-reply-to: <20150814081408.GA13087@crossbow>
References: <20120524141028.GH15972@pps.jussieu.fr> <CAAZ6_fDTxvENswTrUxnOGqeUbjO0-OTxRSrmPVAG_wbkLTaz5Q@mail.gmail.com> <20120525085218.GH1483@pps.jussieu.fr> <20150814081408.GA13087@crossbow>

Package: apt
Version: 1.0.10.1
Tags: security

* David Kalnischkies <david@kalnischkies.de>, 2015-08-14, 10:14:

For the record: /usr/lib/apt/solvers/dump is the solver, just pipe inwhatever you want and it will be written to /tmp/edsp.dump


That doesn't sound very secure.

--
Jakub Wilk

Reply to:

Follow-Ups:
- Bug#795600: /usr/lib/apt/solvers/dump: insecure use of /tmp
  - From: David Kalnischkies <david@kalnischkies.de>
- Processed: Re: Bug#795600: /usr/lib/apt/solvers/dump: insecure use of /tmp
  - From: owner@bugs.debian.org (Debian Bug Tracking System)