Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 159544 - app-emulation/mol mol-pciproxy-dump.patch: Insecure usage of files in /tmp.
Summary: app-emulation/mol mol-pciproxy-dump.patch: Insecure usage of files in /tmp.
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2006-12-31 02:05 UTC by Vic Fryzel (shellsage) (RETIRED)
Modified: 2007-01-14 00:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vic Fryzel (shellsage) (RETIRED) gentoo-dev 2006-12-31 02:05:08 UTC 
The file mol-pciproxy-dump.patch distributed with app-emulation/mol needs to include the O_EXCL flag on line 273 to avoid writing to already existing files, including symlinks.  See `man 2 open`.  This could potentially allow for the overwriting of arbitrary files upon installation of app-emulation/mol.  Note that all instances of this package are masked, but I thought I would report it anyway.
Comment 1 Joe Jezak (RETIRED) gentoo-dev 2007-01-01 13:43:18 UTC 
I think I'd rather just remove the patch, it's of limited use to most people anyway (it was originally written to allow reverse engineering PCI devices through MOL).

I'll remove it and add a version bump (it isn't masked on ppc).  Would that be okay with security?
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-01-06 12:34:17 UTC 
Yeah a new fixed and stable version would be sufficient.
Comment 3 Joe Jezak (RETIRED) gentoo-dev 2007-01-08 22:07:00 UTC 
Fixed in CVS, I'm not sure if security wants to do anything else for this bug, so I'll leave it open.

Thanks!
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-01-09 08:23:11 UTC 
Thx Joe.

Security, this one is ready for GLSA decision.

I tend to vote NO.
Comment 5 Vic Fryzel (shellsage) (RETIRED) gentoo-dev 2007-01-09 11:23:16 UTC 
I vote no.
Comment 6 Stefan Cornelius (RETIRED) gentoo-dev 2007-01-09 11:44:26 UTC 
no and closing. thanls