From: Romain <ro...@li...> - 2004-11-15 17:49:38
---------------------------- Original message ----------------------------
Subject: Found security vulnerability in TiLP for Unix {Scanned}
From:    "Michael Deakins" <c_m...@ya...>
Date:    Mon 15 November 2004 18:17
To:      ro...@ti...
--------------------------------------------------------------------------

roms,

Running as root under Linux, I untarred tilp.tar.gz (version 6.76),
libticables-3.8.7.tar.gz, libtifiles-0.6.1.tar.gz, and
libticalcs-4.5.5.tar.gz. All of the directories extracted were
world-writable, with permissions of "drwxrwxrwx" (although the files in the
directories weren't world-writable). If untarring in directories only
intended to be root-writable, such as /usr/src, this is rather insecure.

I have submitted this as bug #1066768 in the SourceForge bug tracker.

Michael Deakins

-- 
Romain Liévin : <ro...@li...>
Web site : http://www.lievin.net
"Linux: there are worse options, but they cost more!"
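
Added example, not part of the original message and not TiLP project code: a pre-extraction check that lists tar members whose stored mode is world-writable, the condition reported above, plus the mode a hardened extractor would apply instead. The archive is constructed in memory; the `pkg-1.0` names and all function names are assumptions made for this illustration.

```python
import io
import stat
import tarfile


def build_sample_archive() -> bytes:
    """Constructed sample: a top-level directory stored as 0777, the rest sane."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        top = tarfile.TarInfo("pkg-1.0")          # hypothetical package name
        top.type, top.mode = tarfile.DIRTYPE, 0o777
        tar.addfile(top)
        sub = tarfile.TarInfo("pkg-1.0/src")
        sub.type, sub.mode = tarfile.DIRTYPE, 0o755
        tar.addfile(sub)
        data = b"int main(void) { return 0; }\n"
        src = tarfile.TarInfo("pkg-1.0/src/main.c")
        src.mode, src.size = 0o644, len(data)
        tar.addfile(src, io.BytesIO(data))
    return buf.getvalue()


def world_writable_members(archive: bytes):
    """Return (name, ls-style mode) for every entry stored with the o+w bit."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        for member in tar:
            if member.issym() or member.islnk():
                continue  # link entries carry no meaningful mode of their own
            if member.mode & stat.S_IWOTH:
                kind = stat.S_IFDIR if member.isdir() else stat.S_IFREG
                findings.append((member.name, stat.filemode(kind | member.mode)))
    return findings


def sanitized_mode(mode: int) -> int:
    """Mode to apply on extraction: drop group/other write, setuid and setgid."""
    return mode & ~(stat.S_IWGRP | stat.S_IWOTH | stat.S_ISUID | stat.S_ISGID)


if __name__ == "__main__":
    for name, perms in world_writable_members(build_sample_archive()):
        print(f"{perms}  {name}")
```

GNU tar applies stored modes without the umask when run as the superuser (its default there), which is why the problem appears for root; `--no-same-permissions` makes it honour the umask instead.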