On Sat, Sep 25, 2010 at 02:17:32PM +0200, Bernhard R. Link wrote:
> Package: coreutils
> Version: 8.5-1
> Tags: security
> X-Debbugs-CC: [email protected]
>
> Install a regular file with install creates the file with the same
> permissions as the original file, copies the contents,
> then changes the permissions of that file to 0600 and finally changes
> ownerships and sets permissions to the ones requested with -m.
>
> This means that if the target directory is more accessibly than the
> original directory, or if the group will be set, the file can
> for a short time be accessible to users it should not be accessible to.
Did you or the maintainer submit/report this upstream?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
