Package: passwd Severity: normal Tags: security The 4.0.8 changelog points to a change with minor security implications: | useradd: fixes a potential security problem when mailbox is created in | useradd. | Patch and comment by Koblinger Egmont <[EMAIL PROTECTED]>: | Only two arguments are passed to the open() call though it expects three | because O_CREAT is present. Hence the permission of the file first becomes | some random garbage found on the stack, and an attacker can perhaps open | this file and hold it open for reading or writing before the proper | fchmod() is executed. (Actually, we could also pass the final "mode" to | the open() call and then save the consequent fchmod().)
Cheers, Moritz -- System Information: Debian Release: 3.0 Architecture: i386 Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] Versions of packages passwd depends on: ii libc6 2.3.2-9 GNU C Library: Shared libraries an ii libpam-modules 0.76-14.4.200410080708 Pluggable Authentication Modules f ii libpam0g 0.76-14.4.200410080708 Pluggable Authentication Modules l ii login 1:4.0.3-17.6.200402110832 System login tools -- debconf-show failed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]