Bug#1022568: RFS: ipmiutil/3.1.8-3 -- IPMI management utilities
On Mon, Oct 24, 2022 at 08:55:59AM +0200, Jörg Frings-Fürst wrote:
> ipmiutil (3.1.8-3) unstable; urgency=medium
> .
> * debian/patches/0705-crontab.patch: Fix overwrite binary (Closes: #1022240).
* * * * * root $prog -r > /tmp/wdt.lastrun 2&>1
Could you please pick a location that's not writeable by any unprivileged
user?
While dropping a symlink there is less fun if fs.protected_symlinks is 1
(it is by default on Debian), that setting might be for some reason off
-- and even if it's on, merely disabling monitoring is still a vuln.
Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀ Quis trollabit ipsos trollos?
⠈⠳⣄⠀⠀⠀⠀
Reply to: