Regards,
Joop
2006/3/21, Bill Allombert <[EMAIL PROTECTED]>:
Package: hamlib3-perl
Version: 1.2.4-3
Severity: grave
Tags: security
Hello Joop,
usr/lib/perl5/auto/Hamlib/Hamlib.so include a rpath to a user-writable
directory.
%chrpath usr/lib/perl5/auto/Hamlib/Hamlib.so
usr/lib/perl5/auto/Hamlib/Hamlib.so: RPATH=/home/pg4i/Desktop/Projects/Debian/hamlib- 1.2.4/bindings/../src/.libs
This allows a user having a homedir of /home/pg4i/ to get access to accounts
of other people using hamlib3-perl on the box.
Generally spurious rpath should be avoided.
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
--
Linux for your hamradio desktop
_______________________________
http://www.qsl.net/pg4i/linux
