On Mon, Dec 19, 2005 at 04:01:32PM +0100, Bill Allombert wrote:
> On Sun, Nov 20, 2005 at 03:01:58PM -0800, Steve Langasek wrote:
> > On Sun, Nov 20, 2005 at 10:13:00PM +0100, Bill Allombert wrote:
> > > However I am not sure this is a security bug:
> > > The original script creates a file named tempfile in the current
> > > directory, not in /tmp.
> > > Would you consider this script to have a security hole?
> > > #!/bin/sh
> > > cat "$1" > tempfile
> > > mv tempfile "$2"

> > Yes, because the tool may be run in an untrusted directory that can be
> > written to by an attacker.

> Hello Steve, I have not received any answer from the security team.
> Should I upload the package to unstable in the mean time?
> (The unstable version is identical to the sarge version, so in
> principle a DSA addresses sarge, etch and sid at once.)

Under the circumstances, uploading a fix to unstable seems sensible.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
[EMAIL PROTECTED]                                   http://www.debian.org/
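The two-line script quoted in the thread beside a hardened version, as an added example that is not code from the thread or from the package under discussion. The function names (copy_unsafe, copy_safe, make_scratch, the demo_* helpers), the scratch directory layout and the file contents are all constructed here. The hardened version uses mktemp(1) to create the temporary file with an unpredictable name, O_EXCL and mode 0600, and places it next to the destination rather than in the current directory, so the final mv is a rename on one filesystem and the cwd is never written. The demo helpers model the situation Steve describes: a writable cwd in which an entry named tempfile already exists (here a symlink to a separate file) before the script runs.

```shell
#!/bin/sh
# Added example, not code from the thread. Function and file names
# (copy_unsafe, copy_safe, make_scratch, victim, in.txt, dest/) are constructed.

# The pattern quoted in the thread: a fixed, predictable name in the cwd.
copy_unsafe() {
    cat "$1" > tempfile
    mv tempfile "$2"
}

# Hardened version: mktemp(1) creates the file with O_EXCL, mode 0600 and an
# unpredictable name, so a pre-existing entry with that name is never opened.
# The file lives beside the destination, so the cwd is untouched and the mv
# is an atomic rename on the same filesystem.
copy_safe() {
    src=$1
    dst=$2
    dir=$(dirname "$dst")
    tmp=$(mktemp "$dir/.copy.XXXXXX") || return 1
    # redirection avoids passing a user-controlled name as a cat argument
    if cat < "$src" > "$tmp" && mv -f "$tmp" "$dst"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# Builds a scratch directory modelling a writable, untrusted cwd: it already
# contains an entry named "tempfile" that points at another file ("victim").
# Prints the scratch directory path.
make_scratch() {
    d=$(mktemp -d) || return 1
    printf 'original\n' > "$d/victim"
    ln -s "$d/victim" "$d/tempfile"
    printf 'payload\n' > "$d/in.txt"
    mkdir "$d/dest"
    printf '%s\n' "$d"
}

# Returns 0 if copy_unsafe, run from the scratch cwd, changed "victim":
# the redirect opened the pre-existing "tempfile" entry and wrote through it.
demo_unsafe_clobbers() {
    d=$(make_scratch) || return 1
    ( cd "$d" && copy_unsafe in.txt out.txt )
    result=$(cat "$d/victim")
    rm -rf "$d"
    [ "$result" = "payload" ]
}

# Returns 0 if copy_safe, run from the same kind of cwd, left "victim"
# intact, wrote the expected output, and left no temporary file behind.
demo_safe_preserves() {
    d=$(make_scratch) || return 1
    ( cd "$d" && copy_safe in.txt dest/out.txt ) || { rm -rf "$d"; return 1; }
    victim=$(cat "$d/victim")
    out=$(cat "$d/dest/out.txt")
    leftover=$(ls -A "$d/dest")
    rm -rf "$d"
    [ "$victim" = "original" ] && [ "$out" = "payload" ] && [ "$leftover" = "out.txt" ]
}

# stand-alone run
if demo_unsafe_clobbers; then echo "unsafe: victim overwritten through the cwd entry"; fi
if demo_safe_preserves;  then echo "safe: victim untouched, output written, no temp file left"; fi
```

The check a reviewer would make on the fix is the one demo_safe_preserves performs: the destination directory ends up containing only the output file, and nothing outside it (in particular, nothing in the cwd) was created or modified.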