On 2015-03-20 14:09, Markus Wanner wrote:
Control: tags -1 - moreinfo
On 03/18/2015 11:12 PM, Rebecca N. Palmer wrote:
Is untrusted scripts being able to write (not read) /tmp/*.xml a
security or other RC bug (which would require a new upload of flightgear
_and_ flightgear-data with the obvious fixes), or just not a good
idea?
AFAIUI at the very worst, an untrusted nasal script could override an
existing *.xml file in /tmp, which already has its execute permissions
set, right? I'm not sure whether "write" here means overriding a file is
okay or if it restricts to creating new files, though.
The latter's potentially a fairly important point. One of the reasons
that insecure tempfile handling is an issue is that if you write to or
truncate a file in /tmp and that file is a symlink to another file the
result can be that the destination file is modified.
I'm assuming that there's no good reason for anyone ever to be running
flightgear in a privileged context so you'd still be restricted to
writing to files that the user has direct access to, albeit potentially
escaping the directory sandboxing. (If symlinks are followed then the
same is true of all of the directories involved but I'm also assuming
that /tmp is the only one where it's likely that other users would be
able to create such symlinks.)
Regards,
Adam
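
The overwrite-versus-create-new distinction raised in the thread, as an added C example that is not part of the original message and not FlightGear's code. The function names, the file names victim.txt and export.xml, and the mkdtemp() scratch directory are constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Shared tail: write the payload, close, return 0 on success or -1. */
static int put(int fd, const char *data) {
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data) ? 0 : -1;
}

/* "Overwrite" semantics: O_TRUNC on an existing name follows a symlink,
   so the file the link points at is truncated and rewritten. */
static int write_overwrite(const char *path, const char *data) {
    return put(open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600), data);
}

/* "Create new only" semantics: with O_CREAT|O_EXCL, open() fails if
   anything already has that name, and a symlink there is not followed. */
static int write_create_only(const char *path, const char *data) {
    return put(open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600), data);
}

/* Constructed scenario in a private mkdtemp() directory: export.xml is a
   symlink to victim.txt. Returns 1 if the writer changed victim.txt,
   0 if it is intact, -1 on setup failure. */
static int victim_modified(int (*writer)(const char *, const char *)) {
    char dir[] = "/tmp/symlink-demo-XXXXXX", victim[64], lnk[64], buf[32] = {0};
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(lnk, sizeof lnk, "%s/export.xml", dir);
    if (write_create_only(victim, "original") || symlink(victim, lnk)) return -1;
    writer(lnk, "<PropertyList/>");  /* the write an export to /tmp/*.xml would do */
    int fd = open(victim, O_RDONLY);
    ssize_t n = fd < 0 ? -1 : read(fd, buf, sizeof buf - 1);
    if (fd >= 0) close(fd);
    unlink(lnk); unlink(victim); rmdir(dir);
    return n < 0 ? -1 : strcmp(buf, "original") != 0;
}

int main(void) {
    printf("overwrite:   victim modified = %d\n", victim_modified(write_overwrite));
    printf("create-only: victim modified = %d\n", victim_modified(write_create_only));
    return 0;
}
```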