Bug#575921: install_packages may write to world writable directory

2010-03-31 Thread Michael Tautschnig
Package: fai-client
Severity: critical
Tags: security
Tags: pending
When using fai softupdate, install_packages writes a list of all packages to the file /var/tmp/package, which is located in a world writeable directory. It also writes to /tmp/packages.list if FAI_DEBSOURCESDIR is set.

Bug#575921: install_packages may write to world writable directory

2010-03-31 Thread Thomas Lange
On Wed, 31 Mar 2010 10:18:25 +0200, Michael Tautschnig m...@debian.org said: Would you mind explaining how this could possibly be exploited? There is A user could create a symlink pointing to a file (e.g. /etc/passwd) which will then be overwritten when root calls fai softupdate. Maybe

Bug#575921: install_packages may write to world writable directory

2010-03-31 Thread Thomas Lange
On Tue, 30 Mar 2010 21:36:05 +0200, Gerfried Fuchs rho...@deb.at said: If they only affect FAI versions from 3.3 - shouldn't it be versioned like that? In case I missed something feel free to revert, but without a found version this looks like affecting even lenny. The last part

Processed: Re: Bug#575921: install_packages may write to world writable directory

2010-03-31 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: notfound 575921 3.3 Bug #575921 [fai-client] install_packages may write to world writable directory Bug No longer marked as found in versions fai/3.3. thanks Stopping processing here. Please contact me if you need assistance. Debian bug

Bug#575921: install_packages may write to world writable directory

2010-03-31 Thread Gerfried Fuchs
notfound 575921 3.3
thanks
* Thomas Lange la...@informatik.uni-koeln.de [2010-03-31 21:47:08 CEST]: On Tue, 30 Mar 2010 21:36:05 +0200, Gerfried Fuchs rho...@deb.at said: If they only affect FAI versions from 3.3 - shouldn't it be versioned like that? In case I missed something

Bug#575921: install_packages may write to world writable directory

2010-03-30 Thread Thomas Lange
Package: fai-client
Severity: critical
Tags: security
Tags: pending
When using fai softupdate, install_packages writes a list of all packages to the file /var/tmp/package, which is located in a world writeable directory. It also writes to /tmp/packages.list if FAI_DEBSOURCESDIR is set. These

Processed: Re: Bug#575921: install_packages may write to world writable directory

2010-03-30 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: found 575921 3.3 Bug #575921 [fai-client] install_packages may write to world writable directory Bug Marked as found in versions fai/3.3. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system

Bug#575921: install_packages may write to world writable directory

2010-03-30 Thread Gerfried Fuchs
found 575921 3.3
thanks
* Thomas Lange la...@informatik.uni-koeln.de [2010-03-30 16:32:44 CEST]: When using fai softupdate, install_packages writes a list of all packages to the file /var/tmp/package, which is located in a world writeable directory. It also writes to /tmp/packages.list if