On Thu, 21 Jun 2018 01:14:07 +0200, Wouter Verhelst
wrote:
>If init (or whatever) scripts start failing in that case, then Debian is
>overruling local policy. That's never a good thing.
>
>So no, I don't think we should check this, unless upstream added the
>check (because patching away such featu
On Wed, 20 Jun 2018 22:01:41 +0100, Simon McVittie
wrote:
>On Wed, 20 Jun 2018 at 21:49:29 +0200, Marc Haber wrote:
>> It has (finally, and to late) occurred to me that
>>
>> |# back up /etc/default/foo
>> |cp /etc/default/foo ~/foo
>> |(try something in /etc/default)
>> |sudo mv ~/foo /etc/defau
On Wed, Jun 20, 2018 at 09:49:29PM +0200, Marc Haber wrote:
> It has (finally, and to late) occurred to me that
>
> |# back up /etc/default/foo
> |cp /etc/default/foo ~/foo
> |(try something in /etc/default)
> |sudo mv ~/foo /etc/default/foo
>
> will place a file owned by my "normal" user into /e
Marc Haber writes:
> back in the sysvinit days, we used to have the following construct as
> a common idiom in init scripts:
>
> |if [ -f /etc/default/foo ]; then
> | . /etc/default/foo
> |fi
>
> This is an immediate privilege escalation vulnerability in the case
> that /etc/default/foo or /etc/de
On Wed, 20 Jun 2018 at 21:49:29 +0200, Marc Haber wrote:
> It has (finally, and to late) occurred to me that
>
> |# back up /etc/default/foo
> |cp /etc/default/foo ~/foo
> |(try something in /etc/default)
> |sudo mv ~/foo /etc/default/foo
>
> will place a file owned by my "normal" user into /etc/
5 matches
Mail list logo
