On Thu, 16 Jul 2009 21:26:53 +0200, Chiel Kooijman wrote: > Package: base > Severity: critical > Tags: security > Justification: root security hole > > I tried to edit /etc/fstab as user (forgot to use `sudo') but, as I > noticed later, the partition that contains the root (/) files was full. > After that I tried to edit the file as superuser (I hadn't read the > message when I tried to write because I assumed it was complaining about > permission). > But when I opened the file again it was empty (it did exist; but no text, > as if created with touch).
are you sure that /etc/fstab was non-empty before you tried to edit it in the first place? it seems rather unlikely that reading a file (that you do not have write permission for) would lead to it getting erased in any situation (full disk or not); although its not impossible. it's more likely that if you didn't resolve the lack of disk beforehand than when you sudo edited the file there was no tmp space for vim's swap file and thus you were looking at an apparently empty file. if you saved that, then you would thus have a permanently empty /etc/fstab. my inclination is that this is not a security problem. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
