The code does this:
# Database dump function
dbdump () {
touch $2
chmod 600 $2
...
mysqldump --defaults-file=/etc/mysql/debian.cnf $NEWOPT $1 > $2
That looks like a chmod to me.
Isn't it possible for someone to obtain a file handle on $2 between the touch
and the chmod?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1251447
Title:
weak file permission with default config/installation
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/automysqlbackup/+bug/1251447/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
