*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Freeciv client can internally launch server for itself. For development purposes, it *prefers* to run server as program named "ser" (or server /freeciv-server) under current working directory. There is some potential for attacker to place his own program named ser in world writable directory and to trick user to run freeciv client in that directory. Upstream patch for this is at http://gna.org/patch/index.php?2827 ** Affects: freeciv (Ubuntu) Importance: Undecided Status: New -- Freeciv client runs another program from *working* directory https://bugs.launchpad.net/bugs/818098 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
