Dear Salvatore,

> You are operating here outside of /tmp (sticky world-writable
> directory) which the above issue for the init scripts relies on,
> right? fs.protected_(hardlinks|symlinks) is exactly a hardening for
> those issues:
> https://www.kernel.org/doc/Documentation/sysctl/fs.txt

I see: the kernel now treats things in /tmp (with sticky bit
permissions) differently from other places (without "weird"
permissions). Thanks for pointing this out for me! (I never noticed
this change...)

Then I agree that this issue is not exploitable in default Debian,
no need for DSA. (Sorry about the noise.)

Cheers, Paul

Paul Szabo   p...@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney   Australia

__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use debian-j...@lists.debian.org for discussions and questions.
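
An added illustration, not part of the original message: a Python model of the fs.protected_symlinks rule as the linked sysctl documentation describes it, showing why the hardening covers a sticky world-writable directory such as /tmp but not a directory without the sticky bit. The function names and the uid/mode values are constructed for this example.

```python
import os
import stat

def sticky_world_writable(mode):
    """True for directories like /tmp (mode 1777): sticky bit and o+w both set."""
    return bool(mode & stat.S_ISVTX) and bool(mode & stat.S_IWOTH)

def may_follow_symlink(protected_symlinks, dir_mode, dir_uid, link_uid, follower_uid):
    """Model of the fs.protected_symlinks rule documented in sysctl/fs.txt."""
    if protected_symlinks == 0:
        return True   # hardening disabled: symlinks are always followed
    if not sticky_world_writable(dir_mode):
        return True   # the restriction only applies in sticky world-writable dirs
    if follower_uid == link_uid:
        return True   # a process may follow a link it owns
    if dir_uid == link_uid:
        return True   # link was created by the directory owner
    return False      # someone else's link in a /tmp-like dir: refused

def audit(path="/tmp"):
    """Read the live sysctl and report whether `path` is covered by it."""
    try:
        with open("/proc/sys/fs/protected_symlinks") as f:
            value = int(f.read().strip())
    except (OSError, ValueError):
        value = None  # not Linux, or the sysctl is unavailable
    st = os.stat(path)
    return {"path": path, "protected_symlinks": value,
            "covered": bool(value) and sticky_world_writable(st.st_mode)}

if __name__ == "__main__":
    print(audit("/tmp"))
    # Constructed cases: uid 1000 owns the link, root (uid 0) follows it.
    print(may_follow_symlink(1, 0o41777, 0, 1000, 0))  # /tmp-like directory
    print(may_follow_symlink(1, 0o40777, 0, 1000, 0))  # world-writable, no sticky bit
```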