Bugs item #3603897, was opened at 2013-02-08 18:25 Message generated for change (Settings changed) made by danielel You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=611248&aid=3603897&group_id=95403
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None >Priority: 7 Private: Yes Submitted By: https://www.google.com/accounts () >Assigned to: Daniele Lacamera (danielel) Summary: unsafe use of /tmp files Initial Comment: Hello, while performing an audit of vde2 (https://bugs.launchpad.net/ubuntu/+source/vde2/+bug/776818) I found a bug; it may even be a security bug. If you decide this is a security issue, please contact the linux-distros security list to coordinate a release and request a CVE number. (See http://oss-security.openwall.org/wiki/mailing-lists/distros for details on using the linux-distros list. Note especially that [vs] is required in the Subject: header.) There is an unsafe use of /tmp files in cryptcab: if ((od = creat ("/tmp/.blowfish.key",0600)) == -1){ Note that creat(2) cannot protect against symlink attacks because it does not include the open(2) O_EXCL flag. It also seems odd to hard code a filename here rather than use mkstemp(3) to generate a random filename and properly create the file (using O_EXCL to open(2)). ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=611248&aid=3603897&group_id=95403 ------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev _______________________________________________ vde-users mailing list vde-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vde-users
