Bug#789404: pbuilder: insecure use of /tmp
Jakub Wilk
jwilk at debian.org
Sun Aug 9 20:56:48 UTC 2015
* Mattia Rizzolo <mattia at mapreri.org>, 2015-08-08, 17:00:
>>I don't see how changing it can fix #789401, though.
>It would improve the situation, as a malicious local user can not plant
>the build dir any more
Right. But there might be other /tmp vulnerabilities (in pbuilder or
elsewhere) that #789401 would ease exploiting.
And there's a DoS aspect: a local user could stuff the chroot's /tmp with
garbage, which pbuilder then will have to compress and later decompress
on every build.
--
Jakub Wilk