Package: monkey
Version: 0.9.3-1
Severity: grave
Tags: security
Justification: user security hole

Monkey webserver fails to drop supplemental groups when lowering privileges. This allows any local user on the system to read any file that root's supplemental groups can access. Monkey does perform a filesystem access check to make sure that its EUID/EGID can access the target file, but this check is subject to TOCTOU flaws.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
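The defensive counterpart of the report above, as an added example that is not Monkey's code: a privilege-drop routine that clears the supplementary group list with `setgroups()` before `setgid()`/`setuid()`, verifies the drop cannot be undone, and a small checker for the resulting group list. The target uid/gid are whatever the caller passes; the `nobody` lookup in `main` is an assumption for the stand-alone run.

```c
/* Added example, not part of the Monkey project. Demonstrates dropping
 * root privileges in an order that also discards supplementary groups. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Pure check: 1 if the list holds nothing besides `primary`, else 0.
 * Kept separate from any syscall so it can be exercised without root. */
int groups_are_dropped(const gid_t *groups, int n, gid_t primary)
{
    for (int i = 0; i < n; i++) {
        if (groups[i] != primary)
            return 0;
    }
    return 1;
}

/* Drop from root to uid/gid. Order matters: the supplementary list must be
 * cleared while we still hold CAP_SETGID, then gid, then uid (setuid last,
 * because after it we can no longer change the group identity).
 * Returns 0 on success, -1 on failure with errno set. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) != 0)        /* the step the report says is missing */
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* The drop must be irreversible: regaining root has to fail now. */
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Query the calling process's supplementary groups and check them.
 * Returns 1 if only `primary` remains, 0 if extra groups linger, -1 on error. */
int current_groups_dropped(gid_t primary)
{
    int n = getgroups(0, NULL);
    if (n < 0)
        return -1;
    gid_t *list = malloc(sizeof(gid_t) * (size_t)(n > 0 ? n : 1));
    if (list == NULL)
        return -1;
    n = getgroups(n, list);
    int ok = (n < 0) ? -1 : groups_are_dropped(list, n, primary);
    free(list);
    return ok;
}

int main(void)
{
    if (geteuid() != 0) {
        printf("not root; supplementary groups dropped: %d\n",
               current_groups_dropped(getegid()));
        return 0;
    }
    /* Assumption: an unprivileged "nobody" account exists on this host. */
    struct passwd *pw = getpwnam("nobody");
    if (pw == NULL) {
        fprintf(stderr, "no 'nobody' user\n");
        return 1;
    }
    if (drop_privileges(pw->pw_uid, pw->pw_gid) != 0) {
        fprintf(stderr, "drop_privileges: %s\n", strerror(errno));
        return 1;
    }
    printf("euid=%u egid=%u supplementary groups dropped: %d\n",
           (unsigned)geteuid(), (unsigned)getegid(),
           current_groups_dropped(pw->pw_gid));
    return 0;
}
```

Once the process genuinely holds only the target user's credentials, the kernel's own permission check at `open()` time is the authoritative one, which also removes the TOCTOU window that a separate `access()`/`stat()`-style pre-check leaves open.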