Bug#775681: multiple /tmp file vulnerabilities
Victor Seva
linuxmaniac at torreviejawireless.org
Sat Jan 24 13:30:37 UTC 2015
On 01/18/2015 05:16 PM, Helmut Grohne wrote:
> Granted, some of the results are examples, documentation or obsolete.
> But quite a few reach the default settings:
>
> * kamcmd defaults to connecting to unixs:/tmp/kamailio_ctl.
- added default_ctl.patch.
ctl defaults to /var/run/kamailio/kamailio_ctl.
add ctl binrpc module parameter to etc/kamailio/kamailio*cfg
to point this change.
> * The kamailio build definitely is vulnerable as can be seen in
> utils/kamctl/Makefile.
- kamctl_build.patch.
use basedir instead of /tmp
> More research clearly is required here. Given these findings, the
> security team may want to veto the inclusion of kamailio in a stable
> release, which would be very unfortunate as kamailio is quite a unique
> piece of software with little competitors in its field.
From my POW this is a matter of configuration. Kamailio has a complex
configuration,
and my changes will try to have proper default configs in /etc/kamailio
*examples*.
Helmut, do you agree with this proposed changes to deal with your findings?
PD: I will document on README.Debian any final changes on the kamailio
defaults
Thanks,
Victor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fix-fifo-and-ctl-defaults-pointing-to-unsecure-tmp-d.patch
Type: text/x-patch
Size: 16542 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20150124/4d945b7f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20150124/4d945b7f/attachment.sig>
More information about the Pkg-voip-maintainers
mailing list