Package: debian-installer Severity: normal
World writable directory remains after installing Debian 3.1r1 from the official network install CD: /var/log/debian-installer/cdebconf In my opinion this shuld be fixed some way on already installed systems, since any user can use this directory to initialte a DoS attack by filling the /var/log partition unless a quota limit prevents this. PHP and other WEB applications could exploit this directory on a hosting server if PHP allows access to this directory. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-sirius-20051219-0354 Locale: LANG=hu_HU, LC_CTYPE=hu_HU (charmap=ISO-8859-2) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
