ah, good find.

Ardo and Christian,

If I make an update to the 4.1.2 package, fixing this, and a couple of
other issues that I've been told about in the next 48 days, would one of
you be willing to upload it for me so it gets into Lenny?

Sven


Dmitry E. Oboukhov wrote:
> Package: twiki
> Severity: grave
> Tags: security
> 
> This message about the error concerns a few packages at once. I've
> tested all the packages on my Debian mirror. (post|pre)(inst|rm) and
> config scripts were tested.
> 
> In some packages I've discovered scripts with errors which may be used
> by a user for damaging important system files.
> 
> For example if a script uses in its work a temp file which is created
> in the /tmp directory, then every user can create a symlink with the same
> name in this directory in order to destroy or rewrite some system
> file.
> 
> I set Severity to grave for this bug. The table of discovered
> problems is below.
> 
> +------------------+-----------------+----------------------------------
> |    package       |  script         | file for attack
> +------------------+-----------------+----------------------------------
> | mplayer-1.0~rc2  |  config         | /tmp/HACK (pipe)
> |                  |                 |
> | nws-2.13         |  postinst       | /tmp/nws.debug (cp)
> |                  |                 |
> | ppp-2.4.4rel     |  postinst       | /tmp/probe-finished (rm -f, pipe)
> |                  |  postinst       | /tmp/ppp-errors (rm -f, pipe)
> |   ppp-udeb       |  /etc/ppp/ip-up | /tmp/resolv.conf.tmp (cp)
> |                  |                 |
> | twiki-4.1.2      |  postinst       | /tmp/twiki  (chmod 1777, chown)
> +------------------+-----------------+----------------------------------
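
The failure mode described in the report, shown next to a hardened form. This is an added example, not code from the thread or from any of the listed packages; the function names, the `pkg.debug` file name and the sandbox layout are constructed for illustration.

```shell
#!/bin/sh
# Added illustration. write_unsafe, write_safe and demo are hypothetical
# names; "victim" stands in for a system file and lives in a private sandbox.

# Pattern from the report: a fixed, predictable name in a shared directory.
# The redirection follows any symlink already present under that name.
write_unsafe() {    # $1 = shared directory, $2 = data to write
    echo "$2" > "$1/pkg.debug"
}

# Hardened form: mktemp creates a new file with an unpredictable name and
# fails rather than reusing an existing path, so a pre-planted link is
# never followed.
write_safe() {      # $1 = shared directory, $2 = data to write
    tmp=$(mktemp "$1/pkg.XXXXXXXXXX") || return 1
    echo "$2" > "$tmp"
    echo "$tmp"     # caller gets the path and removes it when done
}

# Constructed scenario: a link named like the script's temp file already
# exists in the shared directory and points at the "victim" file.
demo() {            # $1 = unsafe | safe; prints victim's final content
    sandbox=$(mktemp -d) || return 1
    echo "original" > "$sandbox/victim"
    mkdir "$sandbox/shared"
    ln -s "$sandbox/victim" "$sandbox/shared/pkg.debug"
    case "$1" in
        unsafe) write_unsafe "$sandbox/shared" "debug output" ;;
        safe)   write_safe "$sandbox/shared" "debug output" >/dev/null ;;
    esac
    cat "$sandbox/victim"
    rm -rf "$sandbox"
}

echo "unsafe: $(demo unsafe)"   # victim content replaced
echo "safe:   $(demo safe)"     # victim content unchanged
```

A maintainer script run as root should additionally prefer a root-owned directory over /tmp for scratch files, and remove the `mktemp` file in a `trap` on exit.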


