Your message dated Sat, 7 Oct 2006 11:19:36 +0200
with message-id <[EMAIL PROTECTED]>
has caused the Debian Bug report #290507,
regarding vim: does not close files when executing shell
to be marked as having been forwarded to the upstream software
author(s) [EMAIL PROTECTED]
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Hi Bram,
here comes another bug report from the Debian bug tracking system, with
a small security issue.
Quoting from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=290507:
> Vim does not close temporary file (.file.swp) when executing shell, so
> program executed in shell can read and write from/to that file, even if
> It is not possible with normal command invocation. Not sure wheter it is
> really recurity problem though.
>
> Example:
>
> # cd
> # vim file
> [edit file and enter :sh to run shell]
> # su user
> $ ls -l .file.swp
> ls: .file.swp: Permission denied
> $ ls -l /proc/self/fd
> ...
> lrwx------ 1 user user 64 2005-01-14 15:55 11 -> /root/.file.swp
> ...
> $ echo -e '\nqwerty' >&11
> $ ^D
> # tail -1 .file.swp
> qwerty
> #
What's your opinion on this? Do you consider it a bug or not?
TIA,
Cheers.
--
Stefano Zacchiroli -*- Computer Science PhD student @ Uny Bologna, Italy
[EMAIL PROTECTED],debian.org,bononia.it} -%- http://www.bononia.it/zack/
If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. -!-
--- End Message ---
