[php-maint] Bug#400270: php4-common: Perms of /var/lib/php4
Paul Szabo
psz at maths.usyd.edu.au
Fri Nov 24 20:38:18 UTC 2006
Package: php4-common
Severity: normal
Permissions of /var/lib/php4 do not seem "right":
$ dpkg -c php4-common_4.3.10-18_i386.deb | grep /var/lib/php4
drwx-wx-wt root/root 0 2006-11-04 08:56:34 ./var/lib/php4/
I wonder if this could be used for "normal" users to attack PHP
(by creating random files in there).
Cheers,
Paul Szabo psz at maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-spm1.6
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
More information about the pkg-php-maint
mailing list