This bug is CVE-2008-5367-like, but in a different script, that why filing it not as CVE-2008-5367. We've got: /etc/ppp/ip-up.d/40-dns.sh: } > $REALRESOLVCONF.tmp /etc/ppp/ip-up.d/40-dns.sh: mv $REALRESOLVCONF.tmp $REALRESOLVCONF
1) I should have attached it. 2) REALRESOLVCONF=$(readlink --canonicalize /etc/resolv.conf) -> normal users will not able to able to create a symlink for /etc/resolv.conf.tmp 3) I promise, I'll have a deeper look next time. Sorry guys. :(