clone 505071 -1 retitle -1 symlink attack in login leading to arbitrary file ownership tags -1 security severity -1 serious tags -1 patch thanks
Somebody with write access to the utmp database can create the conditions for a symlink attack in login, leading to gaining ownership of an arbitrary file. Proposed fix: Changing chown (tty, ...) to fchown (0, ...) in chowntty() Best Regards, -- Nekral -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
