On Fri, Dec 10, 2010 at 9:43 AM, Michael Tautschnig <m...@debian.org> wrote:
>> These lines from this package's maintainer scripts suggest that it likely
>> is affected by the vulnerability:
>>
>> ---------------------------------------------------------------------------
>> chmod 640 $FRESHCLAMLOGFILE
>> chown "$dbowner":adm $FRESHCLAMLOGFILE
>> ---------------------------------------------------------------------------
>>
>
> What is wrong about these two lines? And even from ...

It suggests the daemon itself creates the file. Copytruncate suggests
logrotate also creates the file.
Logrotate runs as root, so if the attacker (running as daemon user)
creates the symlink, logrotate might overwrite an arbitrary file (I
guess).

Olaf


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktiktouq2opsx7q3ogsjp2sf14v65866newq04...@mail.gmail.com
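
Added example, not part of the original message or of the package's maintainer scripts: a pre-flight check a root-run script could make before the chmod/chown pair quoted above, so that a symlink or hard link planted at the log path is refused instead of followed. The helper names check_log_target and fix_log_perms are hypothetical.

```sh
# Added example. Helper names are hypothetical, not from the package.
# check_log_target PATH
# Returns: 0 = plain regular file with a single link
#          1 = symlink
#          2 = missing, or not a regular file
#          3 = more than one hard link
check_log_target() {
    path=$1
    # Test for a symlink first: -f follows links, so on its own it would pass.
    if [ -L "$path" ]; then
        return 1
    fi
    if [ ! -f "$path" ]; then
        return 2
    fi
    # A hard link to another file would redirect chmod/chown just as well.
    links=$(ls -ld -- "$path" | awk '{print $2}')
    if [ "$links" -ne 1 ]; then
        return 3
    fi
    return 0
}

# fix_log_perms FILE OWNER GROUP
# Applies the two operations from the quoted script only when the target
# passes the check; otherwise returns the check's status and changes nothing.
fix_log_perms() {
    file=$1 owner=$2 group=$3
    check_log_target "$file" || return $?
    # chown -h changes a link itself rather than its target, in case one
    # is swapped in after the check.
    chmod 640 -- "$file" && chown -h "$owner":"$group" -- "$file"
}
```

The check narrows the window but does not close it: while the directory stays writable by the daemon user, the file can still be swapped between the check and the chmod.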
