Your message dated Mon, 8 Mar 2004 23:28:51 +0200
with message-id <[EMAIL PROTECTED]>
and subject line kde 3.2 Kopete ships without winpopup
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 20 Dec 2003 12:32:04 +0000
Date: Sat, 20 Dec 2003 12:30:32 +0100
From: Jesus Climent <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: kopete: installed file winpopup-send.sh has an insecure file creation

Package: kopete
Version: N/A; reported 2003-12-20
Severity: grave
Justification: user security hole
Tags: security

The file winpopup-send.sh does not check the existence of the file
/tmp/.winpopup-new.

If another user has created a link to whichever file in the system, it will be
overwritten if the user is root.

Please consider modifying the file with some checks, and adding some user
identification:

if [ ! -d /tmp/kopete.$$ ] ; then
    mkdir -p /tmp/kopete.$$/
elif [ ! -d /tmp/kopete.$USERNAME.$$ ] ; then
    mkdir -p ...

In any case, use some source of randomness for the creation of the file.

Thanks

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux reypastor 2.4.23 #1 lun dic 1 23:39:36 CET 2003 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]

-- 
Jesus Climent                                      info:www.pumuki.org
Unix SysAdm|Linux User #66350|Debian Developer|2.4.23|Helsinki Finland
GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429  7E18 66FC 1D7F 8694 6D69

Like my old grand daddy used to say, "The less a man makes declarative 
statements, the less apt he is to look foolish in retrospect."
                --Chester (Four Rooms)
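
The overwrite through a pre-existing link that the report above describes, next to the private, randomly named directory it asks for, as an added shell example that is not part of the original message or of Kopete's scripts. The function names and the `kopete-demo` prefix are assumptions, and the planted link lives in a throwaway sandbox directory that stands in for /tmp.

```shell
#!/bin/sh
# Added example. Function names and the "kopete-demo" prefix are hypothetical;
# nothing here is taken from winpopup-send.sh itself.

# Pattern from the report: write to one fixed, predictable path.
# The redirection follows whatever symlink is already sitting there.
write_fixed() {                      # $1 = fixed path, $2 = message
    printf '%s\n' "$2" > "$1"
}

# Hardened: mktemp -d creates a randomly named directory atomically, mode 0700,
# and fails instead of reusing an existing name. Prints the new file's path.
write_private() {                    # $1 = parent dir, $2 = message
    dir=$(mktemp -d "$1/kopete-demo.XXXXXXXXXX") || return 1
    ( umask 077; printf '%s\n' "$2" > "$dir/message" ) || return 1
    printf '%s\n' "$dir/message"
}

# Constructed scenario inside a throwaway sandbox: "$box/.winpopup-new" already
# exists as a symlink to a file that the writing user is able to modify.
# $1 = fixed | private. Prints "overwritten" or "intact" for the link target.
simulate() {
    box=$(mktemp -d "${TMPDIR:-/tmp}/sandbox.XXXXXXXXXX") || return 1
    printf 'important\n' > "$box/target"
    ln -s "$box/target" "$box/.winpopup-new"
    case $1 in
        fixed)   write_fixed "$box/.winpopup-new" "hello" ;;
        private) write_private "$box" "hello" >/dev/null ;;
    esac
    if [ "$(cat "$box/target")" = "important" ]; then
        result=intact
    else
        result=overwritten
    fi
    rm -rf "$box"
    printf '%s\n' "$result"
}

echo "fixed path:  $(simulate fixed)"
echo "private dir: $(simulate private)"
```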

---------------------------------------
Received: (at 224592-done) by bugs.debian.org; 8 Mar 2004 21:28:58 +0000
Date: Mon, 8 Mar 2004 23:28:51 +0200
From: Riku Voipio <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: kde 3.2 Kopete ships without winpopup

Jesus, kopete 3.2 fixes the winpopup-send.sh and winpopup-install.sh
by.. not shipping them anymore! I doubt anyone will miss them.


-- 
Riku Voipio            |    [EMAIL PROTECTED]         |
kirkkonummentie 33     |    +358 40 8476974          --+--
02140 Espoo            |                               |
dark> A bad analogy is like leaky screwdriver          |
