From owner-freebsd-bugs Tue Jul 9 16:10:04 1996 Return-Path: owner-bugs Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA16776 for bugs-outgoing; Tue, 9 Jul 1996 16:10:04 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA16762; Tue, 9 Jul 1996 16:10:02 -0700 (PDT) Resent-Date: Tue, 9 Jul 1996 16:10:02 -0700 (PDT) Resent-Message-Id: <199607092310.QAA16762@freefall.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, max@sfc.wide.ad.jp Received: from mail.tky007.tth.expo96.ad.jp (root@tky007.tth.expo96.ad.jp [133.246.32.58]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA15841 for ; Tue, 9 Jul 1996 16:00:34 -0700 (PDT) Received: (from masafumi@localhost) by mail.tky007.tth.expo96.ad.jp (8.7.5/3.4W4-SMTP) id HAA25766; Wed, 10 Jul 1996 07:59:59 +0900 (JST) Message-Id: <199607092259.HAA25766@mail.tky007.tth.expo96.ad.jp> Date: Wed, 10 Jul 1996 07:59:59 +0900 (JST) From: Masafumi NAKANE Reply-To: max@sfc.wide.ad.jp To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: gnu/1379: Man command problem, when it writes into symlinked dir Sender: owner-bugs@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Number: 1379 >Category: gnu >Synopsis: Man command problem, when it writes into symlinked dir >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jul 9 16:10:01 PDT 1996 >Last-Modified: >Originator: Masafumi NAKANE >Organization: >Release: FreeBSD 2.2-CURRENT i386 >Environment: This problem occurs on FreeBSD-current with CTM deltas up to src-cur.1973 applied. >Description: The man command doesn't check the owner of the symbolic link when it writes the formatted man page out to symlinked cat? directory. This makes it possible for non-super-user to populate /usr/share/man/cat? directories (or any directories owned by the user man) with junk and/or replace existing pre-formatted man pages with meangless files. >How-To-Repeat: % setenv MANPATH $HOME/man % mkdir $HOME/man % mkdir $HOME/man/man1 % ln -s /usr/share/man/cat1 $HOME/man/cat1 % touch $HOME/man/man1/whatever.1 % man whatever >Fix: >Audit-Trail: >Unformatted: