[Pkg-shadow-devel] Bug#505071: Bug#505071: login tty mis-determination (see bug#332198)
Nicolas François
nicolas.francois at centraliens.net
Tue Nov 11 11:00:28 UTC 2008
clone 505071 -1
retitle -1 symlink attack in login leading to arbitrary file ownership
tags -1 security
severity -1 serious
tags -1 patch
thanks
Somebody with write access to the utmp database can create the conditions
for a symlink attack in login, leading to gaining ownership of an
arbitrary file.
Proposed fix: Changing chown (tty, ...) to fchown (0, ...) in chowntty()
Best Regards,
--
Nekral
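
Why the proposed chown() to fchown() change closes the hole, as an added example that is not part of the original message or of the shadow source: a path is resolved again at call time and can lead to a different file, while a descriptor stays bound to the file that was opened. The function name, the scratch directory and the regular files standing in for the tty are assumptions made for the demonstration; fchown() is called with the file's current ids so it runs without root.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical demo helper. Returns 0 when, after the name is re-pointed,
 * the path resolves to the other file while the descriptor still names the
 * originally opened one and fchown() on it succeeds; -1 on setup failure,
 * 1 if the expectation does not hold. */
int fd_vs_path_after_swap(void)
{
    char dir[] = "/tmp/fchown-demo-XXXXXX";   /* constructed scratch dir */
    char tty[PATH_MAX], other[PATH_MAX];
    struct stat st_other, st_path, st_fd;
    int fd, ofd, rc = -1;

    if (!mkdtemp(dir)) return -1;
    snprintf(tty, sizeof tty, "%s/tty", dir);       /* stand-in for the tty */
    snprintf(other, sizeof other, "%s/other", dir); /* unrelated file */

    fd = open(tty, O_CREAT | O_RDWR | O_EXCL, 0600);  /* plays login's fd 0 */
    ofd = open(other, O_CREAT | O_RDWR | O_EXCL, 0600);
    if (fd < 0 || ofd < 0) goto out;

    /* The name now leads somewhere else; the open descriptor does not. */
    if (unlink(tty) != 0 || symlink(other, tty) != 0) goto out;
    if (stat(other, &st_other) || stat(tty, &st_path) || fstat(fd, &st_fd))
        goto out;

    rc = 1;
    if (st_path.st_ino == st_other.st_ino   /* chown(tty, ...) would act on "other" */
        && st_fd.st_ino != st_other.st_ino  /* fd is still the opened file */
        && fchown(fd, st_fd.st_uid, st_fd.st_gid) == 0) /* same ids: no root */
        rc = 0;
out:
    if (fd >= 0) close(fd);
    if (ofd >= 0) close(ofd);
    unlink(tty); unlink(other); rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = fd_vs_path_after_swap();
    printf("path and descriptor diverge, fchown stays on the fd: %s\n",
           rc == 0 ? "yes" : "no");
    return rc;
}
```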