[3292] in bugtraq
Re: [BUG] Vulnerability in PKGTOOL
daemon@ATHENA.MIT.EDU (Jonathan Larmour)
Tue Aug 27 17:34:34 1996
Date: Tue, 27 Aug 1996 18:30:41 +0100
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Jonathan Larmour <JLarmour@origin-at.co.uk>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
At 09:57 27/08/96 -0400, Paul Nash wrote:
[snip]
>On the same note tin creates /tmp/.tin_log mode 666 aswell.. It's vulnerable
>to symlinks aswell.
However it doesn't complain if root creates /tmp/.tin_log mode 000, so
that's the easiest quick-fix, although take care when clearing /tmp.
Jonathan L.
Origin UK, 323 Cambridge Science Park, Cambridge, England. CB4 4WG.
Tel: +44 (1223) 423355 Fax: +44 (1223) 420724 E-mail: guess...
-------[ Do not think that every sad-eyed woman has loved and lost... ]------
-----------------------[ she may have got him. -Anon ]-----------------------
These opinions are all my own fault.
