Date: Wed, 23 Dec 2009 11:50:16 +0100 From: Hanno Böck <hanno@...eck.de> To: OSS Security List <oss-security@...ts.openwall.com> Subject: CVE request: acl 2.2.47 always follows symlinks setfacl/getfacl (part of package acl-2.2.47) contains a bug that it ignores the --physical/-P parameter that means don't follow symlinks on -R (recursive). This can lead to security problems, e.g. if there's a cron script giving a user full rwX rights for a directory, he can put a symlink there pointing to / or /etc or whatever. Another scenario would be a backup script saving the /home acls to a file, every user can create an endless loop for that and prevent the script from completing. http://oss.sgi.com/bugzilla/show_bug.cgi?id=790 http://bugs.gentoo.org/show_bug.cgi?id=265425 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499076 Fixed in upstream source, but no new release yet. Please assign a CVE. -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de http://schokokeks.org - professional webhosting Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ