* Ritesh Raj Sarraf , 2019-03-18, 20:06:
Do you use apport ?
No.
Or have interest for it in Debian ?
Also no.
--
Jakub Wilk
On Fri, 2019-03-15 at 22:40 +0100, Jakub Wilk wrote:
> Apport creates /var/crash/.lock as readable and writable for anyone:
>
># ls -l /var/crash/.lock
>-rwxrwxrwx 1 root root 0 Mar 15 22:30 /var/crash/.lock
>
> This allows malicious local users to do bad things:
>
> * They could fill up
Package: apport
Version: 2.20.4-5
Tags: security
Apport creates /var/crash/.lock as readable and writable for anyone:
# ls -l /var/crash/.lock
-rwxrwxrwx 1 root root 0 Mar 15 22:30 /var/crash/.lock
This allows malicious local users to do bad things:
* They could fill up the disk, bypassing
3 matches
Mail list logo