Package: hylafax-server
Version: 2:6.0.5-4.1
Severity: grave
Tags: security
Justification: user security hole
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

hylafax-server (all versions in squeeze, wheezy, sid) creates the following directory:

  drwsrwxrwx 2 uucp uucp 40 Dec 12 2010 /var/spool/hylafax/tmp

that is world writable and does not have the sticky bit set. This allows arbitrary users to delete (and replace) files there that were not created by them.

I do not know how this directory is used by hylafax-server and what the impact of this problem is, but it does not seem right to have such a possible hole.

I do not use hylafax-server, I just noticed this while analyzing a piuparts log for a different problem.

Andreas
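
A check for the condition reported above, as an added example that is not part of the original report or of the hylafax-server package: it lists directories that are world writable (o+w) but lack the sticky bit, which also matches the drwsrwxrwx mode shown in the report. The function names are hypothetical, and paths containing newlines are assumed not to occur.

```shell
#!/bin/sh
# Added example (not from the bug report): audit for world-writable
# directories without the sticky bit. Function names are hypothetical.

# Print every directory under $1 that has the other-write bit (0002)
# set and the sticky bit (01000) clear. Stays on one filesystem.
find_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Check a single directory without descending into it.
# Returns 0 if acceptable, 1 if world writable without sticky bit,
# 2 if $1 is not a directory.
check_dir() {
    [ -d "$1" ] || return 2
    if [ -n "$(find "$1" -prune -type d -perm -0002 ! -perm -1000 \
                -print 2>/dev/null)" ]; then
        return 1
    fi
    return 0
}

# Report every finding under $1 as an `ls -ld` line (mode, owner, path).
# Returns 1 if anything was found, 0 otherwise.
audit_tree() {
    hits=$(find_unsticky_dirs "$1") || true
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits" | while IFS= read -r d; do
        ls -ld "$d"
    done
    return 1
}
```

After sourcing the file, `audit_tree /var/spool` prints one line per affected directory and returns non-zero if any exist, so it can gate a package test or a periodic host check.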