Date: Wed, 10 Jul 1996 07:59:59 +0900 (JST) From: Masafumi NAKANE <masafumi@tky007.tth.expo96.ad.jp> To: FreeBSD-gnats-submit@freebsd.org Subject: gnu/1379: Man command problem, when it writes into symlinked dir Message-ID: <199607092259.HAA25766@mail.tky007.tth.expo96.ad.jp> Resent-Message-ID: <199607092310.QAA16762@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1379 >Category: gnu >Synopsis: Man command problem, when it writes into symlinked dir >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jul 9 16:10:01 PDT 1996 >Last-Modified: >Originator: Masafumi NAKANE >Organization: >Release: FreeBSD 2.2-CURRENT i386 >Environment: This problem occurs on FreeBSD-current with CTM deltas up to src-cur.1973 applied. >Description: The man command doesn't check the owner of the symbolic link when it writes the formatted man page out to symlinked cat? directory. This makes it possible for non-super-user to populate /usr/share/man/cat? directories (or any directories owned by the user man) with junk and/or replace existing pre-formatted man pages with meangless files. >How-To-Repeat: % setenv MANPATH $HOME/man % mkdir $HOME/man % mkdir $HOME/man/man1 % ln -s /usr/share/man/cat1 $HOME/man/cat1 % touch $HOME/man/man1/whatever.1 % man whatever >Fix: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607092259.HAA25766>