Bug#373255: [Pkg-aide-maintainers] Bug#373255: Predictable names in
tmp are a security risk
Goswin von Brederlow
brederlo at informatik.uni-tuebingen.de
Tue Apr 17 01:28:44 UTC 2007
Marc Haber <mh+debian-packages at zugschlus.de> writes:
> On Sun, Apr 15, 2007 at 03:21:13PM +0200, Goswin von Brederlow wrote:
>> aide uses a very predictable name in tmp (/tmp/empty/aide.db) with the
>> assumption that it will give an error because the file does not exist.
>>
>> A malicious user can easily create /tmp/empty and place a dummy db in
>> there and thus disrupt or even negate the effect of aide.
>
> How can it disrupt the effect of aide? People are not supposed to
> directly call aide without giving a configuration file.
Aparently people do and if someone fakes /tmp/empty/aide.db they will
get no error unlike you intended. They might even think all is well
while aide will not work.
>> If you want to force people to configure your package before use then
>> please do use something reliably absent.
>
> What do you suggest using?
/nonexistant/aide.db or /usr/lib/aid/nonexistant/aide.db.
> Greetings
> Marc
MfG
Goswin
More information about the Pkg-aide-maintainers
mailing list