Bug#344029: libmail-audit-perl: insecure /tmp handling
Niko Tyni
ntyni at iki.fi
Mon Dec 19 14:45:28 UTC 2005
Package: libmail-audit-perl
Version: 2.1-5
Severity: serious
Justification: Etch RC policy
The Mail::Audit module logs by default to
my $logfile = "/tmp/".getpwuid($>)."-audit.log";
if logging is turned on (the loglevel parameter to new()) and
no logfile is explicitly specified.
The module will follow any symlinks and append to the corresponding file:
if ($logging) { open LOG, ">>$logfile" or open LOG, ">>/dev/null";
This is RC according to the Etch release policy [1]:
(h) Temporary files
Any programs and scripts that create files in /tmp or other
world writable directories must use a mechanism which fails if
the file already exists.
An obvious workaround would be to log into eg. "$HOME/mail-audit.log".
(I'm not sure if this should be tagged "security" and fixed for sarge too,
so I'm leaving that for others to judge.)
[1] http://release.debian.org/etch_rc_policy.txt
Cheers,
--
Niko Tyni ntyni at iki.fi
More information about the pkg-perl-maintainers
mailing list