[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: gEDA-user: Security bug -medium: geda-gnetlist



On Tue, 2008-12-23 at 00:26 +0000, Peter Clifton wrote:
> On Tue, 2008-12-23 at 00:28 +0100, Chitlesh GOORAH wrote:
> > On Tue, Nov 18, 2008 at 10:06 PM, Chitlesh GOORAH wrote:
> > > Hello gEDA developers,
> > >
> > > A bug filed against geda-gnetlist by RedHat's security team was filed:
> > > https://bugzilla.redhat.com/show_bug.cgi?id=472116
> > > Bug 472116 -  CVE-2008-5148 geda-gnetlist insecure temporary file use [Fdevel]
> > >
> > > The issue is that the value of TMP is predictable
> > > and a local evildoer could create a symlink causing some data to be overwritten.
> 
> Well, if you look at the patch, you'll see that it tries to create a
> directory with that name, with safe permissions. If that doesn't work,
> it exits. If it works, the temp-file is made inside the directory with
> safe permissions.

Please see:

http://archives.seul.org/geda/dev/Nov-2008/msg00227.html

For why we didn't fix this as you suggested.

-- 
Peter Clifton

Electrical Engineering Division,
Engineering Department,
University of Cambridge,
9, JJ Thomson Avenue,
Cambridge
CB3 0FA

Tel: +44 (0)7729 980173 - (No signal in the lab!)



_______________________________________________
geda-user mailing list
geda-user@xxxxxxxxxxxxxx
http://www.seul.org/cgi-bin/mailman/listinfo/geda-user