Debian Security Advisory
xfs -- symbolic link can be used to change file permissions
- Date Reported:
- 31 Mar 1999
- Affected Packages:
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 359.
In Mitre's CVE dictionary: CVE-1999-0434.
- More information:
- Some implementations of xfs incorrectly set the
permissions of /tmp/.font-unix even if that location is a symbolic
link to another file. Debian 2.1 (slink) is not vulnerable to this
This ISS Security - X-Force Alerts - xfree86-xfs-symlink-dos page provides a good summary of the xfs vulnerability.
The vulnerability can be used to change the permissions of the /etc/shadow file, as shown in Neohapsis Archives (BugTraq) 1999 "bugs in xfs". The InDenial BugTraq Archives - 1999 Mar "bugs in xfs" shows the thread.