Package: wims
Version: 4.01c
Severity: serious
Tags: security
Hello Georges,
wims.postinst does:

  dpkg-statoverride --update --force --add root root 6755 $rootwrapper 2>/dev/null
See policy 10.9.1, "The use of `dpkg-statoverride'":

  There is one type of situation, though, where calls to
  `dpkg-statoverride' would be needed in the maintainer scripts, and
  that involves packages which use dynamically allocated user or group ids.
This is clearly not the case here: root is statically allocated, so you
should instead ship the program suid in the .deb.
But I really wonder if this file is necessary at all and whether this does not
create security issues. The source code is in wims/src/Misc/chroot.c;
it does fun stuff like

  int execuid=15999;
  int execgid=15999;
  ...
  if(setregid(execgid,execgid)<0) goto abandon;
  if(setreuid(execuid,execuid)<0) goto abandon;

without any regard for the existence of an account with UID/GID 15999,
and seems riddled with security issues.
Cheers,
--
Bill. <[email protected]>
Imagine a large red swirl here.
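A hardened version of that privilege drop, added here as an illustration (it is not WIMS code and not part of the report above): it checks that the target uid/gid actually exist before switching to them, sheds supplementary groups, and verifies that root cannot be regained afterwards. The ids passed in are assumed to come from the package's configured account rather than a hardcoded constant.

```c
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>

/* Return 1 if both the uid and the gid resolve to existing entries in the
 * passwd and group databases, 0 otherwise. chroot.c never performs this
 * lookup and trusts the hardcoded 15999. */
int lookup_account(uid_t uid, gid_t gid)
{
    return getpwuid(uid) != NULL && getgrgid(gid) != NULL;
}

/* Drop to uid/gid permanently. Returns 0 on success, -1 on any failure;
 * in chroot.c's style a caller treats -1 as "goto abandon". */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Refuse to "drop" to root, and refuse ids with no account behind
     * them: an unallocated numeric id is not a sandbox, it is whatever
     * account happens to be created with that id later. */
    if (uid == 0 || gid == 0 || !lookup_account(uid, gid))
        return -1;

    /* Shed supplementary groups first; setreuid/setregid leave them in
     * place. Only CAP_SETGID allows this call, so an unprivileged caller
     * (which has nothing it could shed anyway) tolerates EPERM. */
    if (setgroups(0, NULL) < 0 && !(errno == EPERM && geteuid() != 0))
        return -1;

    /* gid before uid: once the uid is dropped the gid can no longer be
     * changed. With effective uid 0, setgid()/setuid() set the real,
     * effective and saved ids together (POSIX). */
    if (setgid(gid) < 0 || setuid(uid) < 0)
        return -1;

    /* Verify the drop is irreversible and complete: regaining root must
     * fail and every id must report the target. */
    if (setuid(0) == 0)
        return -1;
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}
```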