Not sure whether we already fixed this one. thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
That CVE doesn't tell me much - any clue on how I can (try to) reproduce this?
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396277

<quote>
Insecure use of /tmp in /etc/logrotate.d/thttpd:

if pidof thttpd 2>&1 > /dev/null; then
    touch /tmp/start_thttpd
fi

By creating a /tmp/start_thttpd symlink a local attacker will be able to create/touch any file as root.
</quote>
Does not seem like the ebuild even provides a conf file for logrotate, so I guess we can close this if somebody confirms.
(In reply to comment #3)
> does not seem like the ebuild even provides a conf file for logrotate, so I
> guess we can close this if somebody confirms

I can confirm. Feel free to reopen if you disagree.
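
One way to check a host for the pattern discussed in this thread, as an added example that is not part of the original bug comments: it scans a directory of logrotate snippets for fixed file names under /tmp or /var/tmp. The function names, the regular expression and the sample files are assumptions made for illustration; only the three `thttpd` lines come from the quoted Debian report.

```shell
#!/bin/sh
# Added example (not from the bug report): list logrotate snippets that use a
# fixed file name under /tmp or /var/tmp, the pattern behind the symlink issue.

# ERE for a literal path directly under /tmp or /var/tmp (hypothetical helper).
TMP_PATH_RE='(^|[^[:alnum:]_./-])(/var)?/tmp/[[:alnum:]_.-]+'

# scan_logrotate_tmp DIR
# Prints "file:line:text" for each non-comment hit; returns 0 if any, else 1.
scan_logrotate_tmp() {
    dir=$1
    status=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        hits=$(grep -nE "$TMP_PATH_RE" "$f" | grep -vE '^[0-9]+:[[:space:]]*#') || continue
        printf '%s\n' "$hits" | while IFS= read -r line; do
            printf '%s:%s\n' "$f" "$line"
        done
        status=0
    done
    return "$status"
}

# make_sample DIR: constructed sample input. "thttpd" holds the lines quoted
# in the Debian report; "other" is a made-up snippet that avoids /tmp.
make_sample() {
    cat > "$1/thttpd" <<'EOF'
if pidof thttpd 2>&1 > /dev/null; then
    touch /tmp/start_thttpd
fi
EOF
    cat > "$1/other" <<'EOF'
# state used to live in /tmp/other.flag
touch /var/run/other.flag
EOF
}

# Demo run against the sample; on a real host pass /etc/logrotate.d instead.
sample=$(mktemp -d)
make_sample "$sample"
scan_logrotate_tmp "$sample" || echo "no fixed /tmp paths found"
rm -rf "$sample"
```

A hit only marks a line for review: a template passed to `mktemp` would also match, so each reported line still needs to be read.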