Your message dated Fri, 06 May 2005 12:32:06 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#307632: fixed in fai 2.8.2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 4 May 2005 10:53:34 +0000
Content-Type: multipart/mixed; boundary="===============1045752262=="
MIME-Version: 1.0
From: Henning Glawe <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: creates /tmp/fai directory unconditionally (insecure tempfile)
X-Mailer: reportbug 3.8
Date: Wed, 04 May 2005 12:53:26 +0200
Message-Id: <[EMAIL PROTECTED]>
Sender: Henning Glawe <[EMAIL PROTECTED]>

This is a multi-part MIME message sent by reportbug.

--===============1045752262==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Package: fai
Version: 2.8.1
Severity: serious
Tags: patch


* BUGFIX: create /tmp/fai only when DO_INIT_TASKS
/tmp/fai was created, but not used when performing softupdates and not 
removed afterwards

basically, this violates policy 10.4, because:
     Any scripts which create files in world-writeable directories (e.g.,
     in `/tmp') must use a mechanism which will fail if a file with the
     same name already exists.


-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)

Versions of packages fai depends on:
ii  debconf                       1.4.30.13  Debian configuration management sy
ii  libapt-pkg-perl               0.1.13     Perl interface to libapt-pkg
ii  perl                          5.8.4-8    Larry Wall's Practical Extraction 

--===============1045752262==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
        filename="20050503174352--BUGFIX_create_tmp_fai_only_when_DO_INIT_TASKS.diff"

Tue May  3 19:43:52 CEST 2005  [EMAIL PROTECTED]
  * BUGFIX: create /tmp/fai only when DO_INIT_TASKS
  /tmp/fai was created, but not used when performing softupdates and not 
  removed afterwards
diff -rN -u old-pfai/scripts/fai new-pfai/scripts/fai
--- old-pfai/scripts/fai        2005-05-03 19:46:32.577839000 +0200
+++ new-pfai/scripts/fai        2005-05-03 19:40:47.000000000 +0200
@@ -111,7 +111,7 @@
 
     # directory where temporary log files are stored
     # set default value if nothing is set in fai.conf
-    if [ -z "$LOGDIR" ]; then
+    if [ -z "$LOGDIR" -a $DO_INIT_TASKS -eq 1 ]; then
        LOGDIR=/tmp/fai
        mkdir -p $LOGDIR
     fi
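
Review bot: the unchanged `mkdir -p $LOGDIR` inside this block still succeeds when /tmp/fai already exists, so the new condition only narrows when the predictable directory is created; it does not give the fail-if-exists behaviour that the policy 10.4 text quoted in the report asks for. On the init path, consider a plain `mkdir -m 700 "$LOGDIR"` whose failure aborts the run, or a directory from `mktemp -d`. In the added test, `$DO_INIT_TASKS` is unquoted, so an unset or empty value makes `[` fail with an error rather than cleanly evaluating to false; `[ -z "$LOGDIR" ] && [ "${DO_INIT_TASKS:-0}" -eq 1 ]` avoids that and the obsolescent `-a`. With this change LOGDIR stays empty on softupdate runs when fai.conf sets nothing, so any use of $LOGDIR outside this hunk should be checked for that case.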


--===============1045752262==--

---------------------------------------
Received: (at 307632-close) by bugs.debian.org; 6 May 2005 16:43:21 +0000
From: Thomas Lange <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#307632: fixed in fai 2.8.2
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Fri, 06 May 2005 12:32:06 -0400

Source: fai
Source-Version: 2.8.2

We believe that the bug you reported is fixed in the latest version of
fai, which is due to be installed in the Debian FTP archive:

fai_2.8.2.dsc
  to pool/main/f/fai/fai_2.8.2.dsc
fai_2.8.2.tar.gz
  to pool/main/f/fai/fai_2.8.2.tar.gz
fai_2.8.2_all.deb
  to pool/main/f/fai/fai_2.8.2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Lange <[EMAIL PROTECTED]> (supplier of updated fai package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri,  6 May 2005 09:23:34 +0200
Source: fai
Binary: fai
Architecture: source all
Version: 2.8.2
Distribution: unstable
Urgency: high
Maintainer: Thomas Lange <[EMAIL PROTECTED]>
Changed-By: Thomas Lange <[EMAIL PROTECTED]>
Description: 
 fai        - Fully Automatic Installation
Closes: 307631 307632 307838
Changes: 
 fai (2.8.2) unstable; urgency=high
 .
   * remove old unused scripts from cvs source
   * updatebase: use mktemp for creating temp file, this closes a serious
     security bug (closes: #307838)
   * fai: create dir only during initial installation, fixes a critical bug
     (closes: #307632)
   * subroutines-linux: do not "mount --bind" when FAI_ROOT=/, closes
     important bug (closes: #307631)
Files: 
 82e5de30184fb23bcd6883210e448cdd 524 admin extra fai_2.8.2.dsc
 6687553fcaec88a8393247623dbe6b64 211264 admin extra fai_2.8.2.tar.gz
 628419bfbf5a7bd8fc513702446d5d7d 596710 admin extra fai_2.8.2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCe5vI3BPlTqubZv0RAp+aAKDc+Rq/fF94MGw9F5IBXkJkAruScACeKmKN
+oGP4YL9+LNqOF0TjDf1YyE=
=wbTE
-----END PGP SIGNATURE-----
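
The fail-if-exists requirement quoted from policy 10.4 in the report, and the mktemp approach named in the 2.8.2 changelog, shown side by side as an added example (not code from fai or from either message). The function names and the sandbox layout are hypothetical, and the demo runs in a constructed sandbox directory rather than the real /tmp.

```shell
#!/bin/sh
# Added example: "mkdir -p" versus create-or-fail directory creation under a
# world-writable parent. Function names and paths are hypothetical.

# Pattern from the report: succeeds even when the name is already taken,
# including when it is a symlink to a directory owned by someone else.
create_logdir_unsafe() {
    mkdir -p "$1"
}

# Policy 10.4 style: plain mkdir fails (EEXIST) if anything, a symlink
# included, already has that name. -m 700 sets the mode at creation time.
create_logdir_strict() {
    mkdir -m 700 "$1" 2>/dev/null
}

# Alternative: let mktemp pick an unpredictable name; prints the new path.
create_logdir_random() {
    mktemp -d "${1:-/tmp}/fai.XXXXXX"
}

# Demo on a constructed sandbox with the name "fai" already taken.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/elsewhere"
    ln -s "$sandbox/elsewhere" "$sandbox/fai"

    if create_logdir_unsafe "$sandbox/fai"; then
        echo "mkdir -p: accepted the existing name"
    fi
    if create_logdir_strict "$sandbox/fai"; then
        echo "mkdir: created"
    else
        echo "mkdir: refused the existing name"
    fi
    fresh=$(create_logdir_random "$sandbox") &&
        echo "mktemp -d: created ${fresh##*/}"

    rm -rf "$sandbox"
}

demo
```

A caller that gets a non-zero status from `create_logdir_strict` should stop instead of falling back to the existing directory.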

