[DebianGIS-dev] Bug#508597: gpsdrive: allows local users to overwrite arbitrary files via a symlink attack
Hamish
hamish_b at yahoo.com
Tue Dec 16 16:19:42 UTC 2008
[1,2]
> scripts/gpssmswatch and src/splash.c
rewritten upstream not to use /tmp/gpsdrivepos anymore (now directly polls
position from gpsd), and /tmp/.smswatch is now created with `tempfile`, in
a secure way.
-done-
[3]
> src/unit_test.c + /tmp/gpsdrive-unit-test
still needs work.
-open-
Hamish
More information about the Pkg-grass-devel
mailing list