Package: logol
Version: 1.5.0-2
Severity: grave
Tags: security
Justification: user security hole
User: [email protected]
Usertags: piuparts
Hi,
during a test with piuparts I noticed that your packages creates a world
writable directory:
drwxrwxrwx 2 root root 40 Jul 1 21:59 /var/lib/logol/results
There any local user may delete/replace arbitrary files that were not
created by the user himself.
Andreas
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
