On Sun, Nov 20, 2005 at 03:01:58PM -0800, Steve Langasek wrote:
> On Sun, Nov 20, 2005 at 10:13:00PM +0100, Bill Allombert wrote:
> > However I am not sure this is a security bug:
> > The original script creates a file named tempfile in the current
> > directory, not in /tmp.
>
> > Would you consider this script to have a security hole?
> > #!/bin/sh
> > cat "$1" > tempfile
> > mv tempfile "$2"
>
> Yes, because the tool may be run in an untrusted directory that can be
> written to by an attacker.
Hello Steve,

I have not received any answer from the security team. Should I upload
the package to unstable in the meantime? (The unstable version is
identical to the sarge version, so in principle a DSA addresses sarge,
etch and sid at once.)

Cheers,
--
Bill. <[EMAIL PROTECTED]>

Imagine a large red swirl here.
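For reference, a hardened form of the two-line script quoted above, as an added example that is not from this thread or the package under discussion. The function names, the `.tmp.XXXXXX` template and the use of mktemp(1) are assumptions; the point is that the temporary file gets an unpredictable name next to the destination instead of a fixed name in whatever directory the tool happens to be run from.

```shell
#!/bin/sh
# Added example (not from the thread). Contrasts the quoted script with a
# version that does not depend on the current directory being trustworthy.

# The script as quoted in the thread: a fixed name in the current directory.
# Anyone able to write there can pre-create "tempfile" (for instance as a
# symlink to another file) and the redirection follows it.
unsafe_copy() {
    cat "$1" > tempfile
    mv tempfile "$2"
}

# Hardened form: the temporary file lives in the destination's directory
# (so the final mv is a rename on the same filesystem) and gets a unique,
# unpredictable name from mktemp, which creates it with O_EXCL so a
# pre-existing file or symlink of that name is never followed.
safe_copy() {
    src=$1
    dst=$2
    dstdir=$(dirname -- "$dst") || return 1
    # Assumed template name; mktemp refuses to reuse an existing path.
    tmp=$(mktemp "$dstdir/.tmp.XXXXXX") || return 1
    if cat -- "$src" > "$tmp" && mv -f -- "$tmp" "$dst"; then
        return 0
    fi
    # On any failure, do not leave the partial temporary file behind.
    rm -f -- "$tmp"
    return 1
}
```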