severity 307632 normal
thanks
This bug is not RC and is not a security issue. The piece of policy
quoted is intended to warn against attacks such as symlink attacks that
can be performed on unsafely created temp files. The program in question
is run during a fai install, before the system is
Hi Joey,
On Thursday 05 May 2005 22:02, Joey Hess wrote:
This bug is not RC and is not a security issue. The piece of policy
quoted is intended to warn against attacks such as symlink attacks that
can be performed on unsafely created temp files. The program in question
is run during a fai
Holger Levsen wrote:
This is not true/right, since fai 2.8 fai can run on a running system, so
there might be ways to exploit this.
Ah sorry I wasn't aware of this. I can verify that it's exploitable if
you run it on a running system, FWIW.
--
see shy jo
signature.asc
Description: Digital
On Thu, 5 May 2005 16:02:33 -0400, Joey Hess [EMAIL PROTECTED] said:
severity 307632 normal
can be performed on unsafely created temp files. The program in question
is run during a fai install, before the system is multiuser, and so its
unsafe temp files cannot be created.
4 matches
Mail list logo
