[Secure-testing-team] Bug#537299: base: user deletes files without write permission, partition full

Chiel Kooijman chiel999 at gmail.com
Thu Jul 16 19:26:53 UTC 2009


Package: base
Severity: critical
Tags: security
Justification: root security hole

I tried to edit /etc/fstab as user (forgot to use `sudo') but, as I
noticed later, the partition that contains the root (/) files was full.
After that I tried to edit the file as superuser (I hadn't read the
message when I tried to write because I assumed it was complaining about
permission).
But when I opened the file again it was empty (it did exist; but no text,
as if created with touch).

The editor I used is vim and the filesystem is ext2.

Chiel Kooijman

PS
I hope I'm not scaring people about a non-issue, this is my first bug
report and I tried to fill out everything as precise as I could.
I do not believe this is a bug in vim as I think no program run under a
normal user should be able to edit a file without write permission.

-- System Information:
Debian Release: 5.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash





More information about the Secure-testing-team mailing list