could you elaborate on what security implications (since you are talking
about attacks) this bug would result in? to me -- none (besides
'misinformation), since that file to accumulate the body of the email
which is to be sent upon actionstop.
if I am right, and there is no security implications, then I would like
to reduce severity to normal at most
On Sat, 29 Aug 2009, Tomasz Papszun wrote:
> Package: fail2ban
> Version: 0.8.3-2sid1
> Severity: important
> The files /etc/fail2ban/action.d/mail-buffered.conf and
> /etc/fail2ban/action.d/sendmail-buffered.conf
> use file in the writable-for-all directory for appending text, i.e.
--
.-.
=------------------------------ /v\ ----------------------------=
Keep in touch // \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko /( )\ ICQ#: 60653192
Linux User ^^-^^ [175555]
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]