Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

Hi Alexander, Many thanks for your email. I have been willing to review rkhunter bugs before submitting it. Le mercredi 27 août 2008 à 04:00 +0400, Solar Designer a écrit : FWIW, I happened to independently notice this and report it upstream a week ago:

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

On Wed, Aug 27, 2008 at 09:06:58AM +0200, Julien Valroff wrote: Do you suggest that using /var/run/rkhunter-debug is better than /tmp/rkhunter-debug. (created using mktemp)? Yes - primarily from usability standpoint. This time, having a fixed filename is better, and since rkhunter

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

FWIW, I happened to independently notice this and report it upstream a week ago: https://sourceforge.net/tracker/?func=detailatid=794190aid=1971965group_id=155034 While I am at it, I suggest that you change /tmp/rkhunter-debug to /var/run/rkhunter-debug. Right now, you have a security hole

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

Hi Dmitry, Le dimanche 24 août 2008 à 22:05 +0400, Dmitry E. Oboukhov a écrit : Package: rkhunter Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

Le lundi 25 août 2008 à 14:02 +0400, Dmitry E. Oboukhov a écrit : On 11:09 Mon 25 Aug , Julien Valroff wrote: JV Hi Dmitry, JV Le dimanche 24 août 2008 à 22:05 +0400, Dmitry E. Oboukhov a écrit : JV Package: rkhunter JV Severity: grave [...] JV In some packages I've discovered scripts

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

On Mon, Aug 25, 2008 at 11:09:02 +0200, Julien Valroff wrote: I think rkhunter is safe, given that the script does check that the file in /tmp is a file (and not a symlink) before using it: if [ $1 = --debug ]; then if [ -e /tmp/rkhunter-debug ]; then

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

package rkhunter reopen 496375 thanks Le lundi 25 août 2008 à 12:52 +0200, Julien Cristau a écrit : On Mon, Aug 25, 2008 at 11:09:02 +0200, Julien Valroff wrote: I think rkhunter is safe, given that the script does check that the file in /tmp is a file (and not a symlink) before using it:

Processed: Re: Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

Processing commands for [EMAIL PROTECTED]: package rkhunter Ignoring bugs not assigned to: rkhunter reopen 496375 Bug#496375: The possibility of attack with the help of symlinks in some Debian packages Bug reopened, originator not changed. thanks Stopping processing here. Please contact me

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

This one time, at band camp, Julien Valroff said: What can I do to prevent this? Dmitry suggested using mktemp, but this would only *reduce* the probability of exploiting this race condition. No, it pretty much eliminates it. mktemp is clever enough to give you a unique filename that doesn't

Bug#496375: The possibility of attack with the help of symlinks in some Debian packages

Package: rkhunter Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors