From owner-freebsd-bugs Sat Mar 4 02:20:06 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 6D9CF37B60E for ; Sat, 4 Mar 2000 02:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id CAA19240; Sat, 4 Mar 2000 02:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org)
Date: Sat, 4 Mar 2000 02:20:02 -0800 (PST)
Message-Id: <200003041020.CAA19240@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc:
From: Phil Homewood
Subject: Re: gnu/17175: [PATCH] send-pr predictable tempfile vulnerability
Reply-To: Phil Homewood
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR gnu/17175; it has been noted by GNATS.

From: Phil Homewood
To: Sheldon Hearn
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: gnu/17175: [PATCH] send-pr predictable tempfile vulnerability
Date: Sat, 4 Mar 2000 20:12:12 +1000

Sheldon Hearn wrote:
> This only works when the user running send-pr has write permission on
> the affected file, right?

Yes.

> While this should be fixed, it's certainly not a show-stopper if it's
> just a user-to-user annoyance. Nobody sensible runs send-pr as root.

You're assuming sensible users. Bad move. :-)

I still think it's serious enough to warrant a fix.

> So, assuming I'm right about the urgency involved, have you
> investigated the possibility of a patch from the vendor? Although the
> send-pr.sh file isn't on the vendor branch any more, it'd make sense to
> try to use a vendor-supplied patch.

PR has been submitted to vendor as well. "gnats/52" is the Cygnus
tracking ID.

Note too my followup patch (initial one erroneously took out the
'[ -z "$TMPDIR" ] && TMPDIR=/tmp' line, which is still needed). Sorry
'bout that.
:-)

--
Phil Homewood
dot@atat.dotat.org
phil@rivendell.apana.org.au
Member, Australian Public Access Network Association
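As an added example (not code from the PR, the patch, or send-pr itself), the shell below shows the pattern the fix is reaching for: keep a caller-supplied TMPDIR, fall back to /tmp as in the line the first patch dropped by mistake, and create the scratch file with mktemp(1) instead of a guessable name, then refuse anything that is not a plain file owned by the caller. The function names are assumed for illustration.

```shell
#!/bin/sh
# Added example: safe scratch-file creation in the spirit of the send-pr fix.
# Honour the caller's TMPDIR if set, otherwise default to /tmp (this is the
# line the first patch removed erroneously and the followup restored).
[ -z "$TMPDIR" ] && TMPDIR=/tmp
export TMPDIR

# Predictable name built from the PID. Another local user can guess it and
# pre-create the file (or a symlink) before send-pr does. Shown only for
# comparison with the safe version below; nothing here uses it.
predictable_tmpname() {
    printf '%s/pr.%s\n' "$TMPDIR" "$$"
}

# Returns 0 only if the path is a regular file we own and not a symlink,
# i.e. not something another user could have planted in a shared directory.
check_scratch_file() {
    [ ! -L "$1" ] && [ -f "$1" ] && [ -O "$1" ]
}

# Unpredictable name via mktemp(1): the file is created atomically with a
# random suffix and mode 0600, so a pre-placed file or symlink cannot be reused.
# Prints the path on success, returns 1 on failure.
make_scratch_file() {
    f=$(mktemp "$TMPDIR/pr.XXXXXXXX") || return 1
    # Defence in depth: re-check what mktemp handed back before writing to it.
    if ! check_scratch_file "$f"; then
        rm -f "$f"
        return 1
    fi
    printf '%s\n' "$f"
}
```

The same check can be run before every write to a scratch file in a shared directory, not just at creation time.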