Bug#495785: attal has rpath to insecure location (.:/usr/lib/attal)
Bill Allombert
ballombe at debian.org
Wed Aug 20 12:21:34 UTC 2008
Package: attal
Version: 1.0~rc1+cvs20080318-2
Severity: serious
Tags: security
Hello Debian Games Team,
attal includes a binary /usr/games/attal-theme-editor with an rpath
pointing to .:/usr/lib/attal.
chrpath /usr/games/*
/usr/games/attal-ai: RPATH=.:/usr/lib/attal
/usr/games/attal-campaign-editor: RPATH=.:/usr/lib/attal
/usr/games/attal-client: RPATH=.:/usr/lib/attal
/usr/games/attal-scenario-editor: RPATH=.:/usr/lib/attal
/usr/games/attal-server: RPATH=.:/usr/lib/attal
/usr/games/attal-theme-editor: RPATH=.:/usr/lib/attal
This allows an attacker with write access to the current working directory
where attal is launched to add modified libraries which will be loaded
when someone else runs attal.
Cheers,
--
Bill. <ballombe at debian.org>
Imagine a large red swirl here.
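
A check for the condition described in the report above, as an added example that is not part of the original message: it reads chrpath-style output and reports every RPATH or RUNPATH component that the dynamic linker resolves against the current working directory. The function names and the sample-a/sample-b lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): flag RPATH/RUNPATH components that
# the dynamic linker resolves against the caller's current working directory.

# Print every unsafe component of one colon-separated RPATH string.
unsafe_rpath_entries() {
    [ -n "$1" ] || return 0          # a completely empty rpath has no components
    rest="$1:"                       # trailing ':' so the last component is seen
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            '')  echo '<empty>' ;;   # glibc reads an empty component as "."
            /*)  ;;                  # absolute path: independent of cwd
            '$ORIGIN'|'$ORIGIN'/*|'${ORIGIN}'|'${ORIGIN}'/*) ;;  # relative to the binary
            *)   echo "$entry" ;;    # ".", "..", "lib", ...: relative to cwd
        esac
    done
}

# Read chrpath-style lines ("file: RPATH=a:b") on stdin, print "file: entry"
# for each unsafe component, and return 1 if anything was flagged.
audit_chrpath_output() {
    flagged=0
    while IFS= read -r line; do
        case $line in
            *': RPATH='*|*': RUNPATH='*) ;;
            *) continue ;;           # lines without an rpath tag are skipped
        esac
        value=${line#*PATH=}
        file=${line%%: RPATH=*}
        file=${file%%: RUNPATH=*}
        bad=$(unsafe_rpath_entries "$value")
        [ -z "$bad" ] && continue
        flagged=1
        printf '%s\n' "$bad" | while IFS= read -r e; do
            printf '%s: %s\n' "$file" "$e"
        done
    done
    return $flagged
}

# First line is taken from the report; the other two are constructed samples.
audit_chrpath_output <<'EOF' || echo "insecure rpath found"
/usr/games/attal-client: RPATH=.:/usr/lib/attal
/usr/games/sample-a: RPATH=/usr/lib/sample
/usr/games/sample-b: RUNPATH=$ORIGIN/../lib::plugins
EOF
```

The non-zero return status lets the check run as a gate in a package build, for example fed with `chrpath -l` output for the installed binaries.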