Summary: | Symlink attack in net-dialup/ppp-2.4.4-r21 /etc/ppp/ip-up.d/40-dns.sh | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | mrness |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [ebuild] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 235770 |
Description
Stefan Behte (RETIRED)
2008-12-10 21:09:45 UTC
1) I should have attached it. 2) REALRESOLVCONF=$(readlink --canonicalize /etc/resolv.conf) -> normal users will not able to able to create a symlink for /etc/resolv.conf.tmp 3) I promise, I'll have a deeper look next time. Sorry guys. :( |