Package: diffmon Version: 20020222-2 Severity: critical Justification: root security hole
diffmon explicitly sets umask to '000' thus creating all files in /tmp with world readable attributes. This may allow local users to read files that they normally don't have access to. The attached patch makes diffmon use a more reasonable umask. Lothar Wassmann -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (50, 'unstable'), (50, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8.1 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages diffmon depends on: ii bash 2.05b-26 The GNU Bourne Again SHell ii debconf 1.4.30.13 Debian configuration management sy ii exim4-daemon-light [mail-tr 4.50-8sarge2 lightweight exim MTA (v4) daemon -- debconf information: * diffmon/configwarning:
--- usr/bin/diffmon.org 2002-02-26 15:06:49.000000000 +0100 +++ usr/bin/diffmon 2006-08-09 08:59:21.389223825 +0200 @@ -170,7 +170,7 @@ # Make sure PATH includes location of sendmail and gzip. PATH="/usr/local/gnubin:/usr/local/bin:${PATH}:/usr/lib:/usr/sbin" - umask 000 + umask 077 TRAP_SIGNALS="EXIT SIGHUP SIGINT SIGQUIT SIGTERM" trap 'cleanup_and_exit' ${TRAP_SIGNALS}