[php-maint] Bug#618489: Bug#618489: php5-common: priviledge escalation in /etc/cron.d/php5

sean finney seanius at debian.org
Wed Mar 16 09:40:29 UTC 2011


On Wed, Mar 16, 2011 at 09:27:29AM +0000, Stephane Chazelas wrote:
> No, please look carefully. It's not "passwd" that's the
> symlink, it's foo (to /etc). rm would remove
> /var/lib/php5/foo/passwd, that is it would unlink the "passwd"
> entry from the directory pointed to by "foo", that is "/etc".

oh, right.  well good catch then, i guess we'll need to prepare
a stable security update...


	sean





More information about the pkg-php-maint mailing list