Re: Uploaded devscripts 2.0.0 (source all) to master



> > > Did you do this safely? I.e., did you protect against file in /tmp exploits?
> > 
> > debchange runs with no special privileges, so I haven't taken
> > precautions against /tmp exploits.  What I will do, though, is to
> > disable debchange from running as root or setuid root for the next
> > release.
> 
> Sorry, this means that I can file a critical security bug on devscripts.
> Consider this:
> 
> ln -s /home/joey/thesis.txt /tmp/changelog
> 
> If an attacker on the system tries something like this, joey's thesis paper
> will be replaced with a copy of his changelog the next time he uses debchange.
> (This is assuming you use /tmp/changelog as the tmp file.)
> 
> The correct solution to this is to not use /tmp. Just output to
> debian/changelog.new and move that over top of debian/changelog when done.

OK, will fix later or tomorrow and upload version 2.0.3, urgency=high.

   Julian

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

            Julian Gilbey             Email: J.D.Gilbey@qmw.ac.uk
       Dept of Mathematical Sciences, Queen Mary & Westfield College,
                  Mile End Road, London E1 4NS, ENGLAND
      -*- Finger jdg@goedel.maths.qmw.ac.uk for my PGP public key. -*-
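
The fix proposed in the quoted message (write debian/changelog.new, then move it over debian/changelog), next to the predictable-name pattern it replaces, as an added Python example; this is not code from devscripts or from either poster. The function names are hypothetical, all paths are constructed in a scratch directory on a POSIX system, and `shared_tmp` stands in for /tmp.

```python
import os
import tempfile

def naive_update(tmp_path, text):
    """Pattern under discussion: open() on a predictable name follows symlinks."""
    with open(tmp_path, "w") as f:
        f.write(text)

def safe_update(changelog, text):
    """Write <changelog>.new beside the target, then rename it into place."""
    new_path = changelog + ".new"
    # O_CREAT|O_EXCL refuses any existing name, including a planted symlink;
    # O_NOFOLLOW is added where the platform defines it.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(new_path, flags, 0o644)
    try:
        with os.fdopen(fd, "w") as f:
            f.write(text)
            f.flush()
            os.fsync(f.fileno())
        os.replace(new_path, changelog)  # atomic within one filesystem
    except BaseException:
        os.unlink(new_path)  # remove only the file this call created
        raise

def _read(path):
    with open(path) as f:
        return f.read()

def demo():
    """Constructed scenario; returns (victim after naive, victim after safe, changelog)."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "thesis.txt")
        shared = os.path.join(d, "shared_tmp")      # stands in for /tmp
        debian = os.path.join(d, "pkg", "debian")   # the package's own directory
        os.makedirs(shared)
        os.makedirs(debian)
        changelog = os.path.join(debian, "changelog")
        naive_update(victim, "thesis\n")
        naive_update(changelog, "old entry\n")
        os.symlink(victim, os.path.join(shared, "changelog"))  # pre-planted link
        naive_update(os.path.join(shared, "changelog"), "new entry\n")
        after_naive = _read(victim)
        naive_update(victim, "thesis\n")            # restore the victim file
        safe_update(changelog, "new entry\n")
        return after_naive, _read(victim), _read(changelog)

if __name__ == "__main__":
    print(demo())
```

The rename is only atomic because debian/changelog.new sits on the same filesystem as debian/changelog, and the directory is one the other local users cannot write to.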

