Package: hplip Version: 3.12.6-3 Tags: security (Please adjust severity as necessary)
Hi, pkit.py seems to create a log file at /tmp/hp-pkservice.log and I believe it is done as root, making it a nice vector for a symlink attack. I only took a quick look at it, so I might be missing something. Could you please confirm the report? Thanks, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
