On Sun, Mar 21, 2010 at 09:45:02PM +0100, Nico Golde wrote:
Also, I'm watching syslog quite a lot and I noticed this line at boot:
| Mar 21 19:56:39 r2 ddclient[3135]: WARNING: file
/tmp/ddclient.cache, line 3: Invalid Value for keyword 'ip' = ''
Hmm ok, this is strange. When I wrote
Package: ddclient
Version: 3.8.0-10
Severity: grave
Tags: security
Justification: user security hole
Hi,
A local user could perform a symlink attack against /tmp/ddclient.cache file.
I see two solutions for this problem:
1) use /var/run/ddclient.cache as the cache file (only root has access
Hey,
* Teodor mteo...@gmail.com [2010-03-21 16:49]:
A local user could perform a symlink attack against /tmp/ddclient.cache file.
I see two solutions for this problem:
1) use /var/run/ddclient.cache as the cache file (only root has access here)
2) use `mktemp' to create a non-predictable
Hi,
On Sun, Mar 21, 2010 at 6:43 PM, Nico Golde n...@debian.org wrote:
From what I see it is using /var/cache/ddclient/ddclient.cache. Can you
elaborate why you think it's using /tmp/?
It doesn't apper to be using that directory. This is what I have on my laptop:
| d...@r2:~$ ls -l
Hey,
* Teodor MICU mteo...@gmail.com [2010-03-21 19:23]:
On Sun, Mar 21, 2010 at 6:43 PM, Nico Golde n...@debian.org wrote:
From what I see it is using /var/cache/ddclient/ddclient.cache. Can you
elaborate why you think it's using /tmp/?
It doesn't apper to be using that directory. This is
5 matches
Mail list logo
