[Pkg-shadow-devel] Bug#505071: Bug#505071: login tty mis-determination (see bug#332198)

Nicolas François nicolas.francois at centraliens.net
Tue Nov 11 11:00:28 UTC 2008

clone 505071 -1
retitle -1 symlink attack in login leading to arbitrary file ownership
tags -1 security
severity -1 serious
tags -1 patch

Somebody with write access to the utmp database can create the conditions
for a symlink attack in login, leading to gaining ownership of an
arbitrary file.

Proposed fix: Changing chown (tty, ...) to fchown (0, ...) in chowntty()

Best Regards,

More information about the Pkg-shadow-devel mailing list