On Tue, 6 Sep 2011 16:08:29 +0200 Vincent Lefevre wrote:
> On 2011-09-06 14:05:59 +0200, Chung-chieh Shan wrote:
> > No, we should not assume that TMPDIR is set by a malicious agent; that
> > is possible but it is also possible that TMPDIR is set by a friendly
> > agent whose goal is to increase t
On 2011-09-06 14:05:59 +0200, Chung-chieh Shan wrote:
> No, we should not assume that TMPDIR is set by a malicious agent; that
> is possible but it is also possible that TMPDIR is set by a friendly
> agent whose goal is to increase the security of the system by putting
> temporary files in a secure
Michael Gilbert wrote:
> Ok, I see now. Then the root cause is that tempfile will "listen to"
> the TMPDIR setting. So, to fix that core problem, shouldn't we disable
> it? Note functionality shouldn't be lost since there is still the
> "--directory" option; although some scripts may need to be
Jonathan Nieder wrote:
> Michael Gilbert wrote:
>
> > If the attacker
> > has control of /tmp and all can generate any file name permutation in
> > time to get his malicious version in place of the intended one, then
> > the real issue is that tmpfile's file name generation is weak, and the
> > p
Michael Gilbert wrote:
> If the attacker
> has control of /tmp and all can generate any file name permutation in
> time to get his malicious version in place of the intended one, then
> the real issue is that tmpfile's file name generation is weak, and the
> problem would need to be fixed there.
Not
Jonathan Nieder wrote:
> Hi,
>
> Vincent Lefevre wrote:
>
> > --- /usr/bin/xpdf 2011-07-28 06:29:44.0 +0200
> > +++ xpdf2011-07-29 16:36:38.0 +0200
> > @@ -78,7 +78,7 @@
> > elif [ "$cat" = "cat" ]; then
> > $cmd -title "$title" "$file" $pages
> > else
> > -tmp=$
On 2011-08-28T20:08:27-0500, Jonathan Nieder wrote:
> Wasn't the original intent closer to
> trap "rm -f -- \"\$tmp\"" EXIT HUP INT QUIT TERM
> which prevents the variable from being interpolated in advance at all?
Yes, that's the (a) right fix.
Hi,
Vincent Lefevre wrote:
> --- /usr/bin/xpdf 2011-07-28 06:29:44.0 +0200
> +++ xpdf 2011-07-29 16:36:38.0 +0200
> @@ -78,7 +78,7 @@
> elif [ "$cat" = "cat" ]; then
> $cmd -title "$title" "$file" $pages
> else
> -tmp=$(tempfile -p "$(basename "$file")" -s .pdf
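Review bot: the removed line passes `"$(basename "$file")"` to `tempfile -p`, so a user-controlled input file name becomes part of the temporary path; the fix proposed in this thread is to drop the `-p` option rather than keep the prefix. The quoted hunk is cut off before its `+` line, so the replacement cannot be checked here; whatever `tmp` ends up holding, the later cleanup should expand it at trap-execution time, as in `trap "rm -f -- \"\$tmp\"" EXIT HUP INT QUIT TERM`, rather than interpolating it into the trap string when the trap is defined.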
Vincent Lefevre wrote:
> tags 635849 patch
> thanks
>
> On 2011-07-29 23:22:24 +0900, Osamu Aoki wrote:
> > Can any of you who seem to know better on this subject propose a good
> > solution while keeping the major part of this feature. Otherwise we get
> > bug report for breaking backward comparibi
On 2011-07-29 16:39:57 +0200, Vincent Lefevre wrote:
> I think there is a very easy solution concerning this bug (there
> may be other bugs, though): do not use the -p tempfile option.
> AFAIK, this option is useless (it might be used to retrieve the
> temporary file more easily, but this isn't imp
Processing commands for cont...@bugs.debian.org:
> tags 635849 patch
Bug #635849 [xpdf] xpdf: crafted .pdf.gz file name can delete any
single-letter-named file
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
635849: http://bugs.debian.org/cgi-
tags 635849 patch
thanks
On 2011-07-29 23:22:24 +0900, Osamu Aoki wrote:
> Can any of you who seem to know better on this subject propose a good
> solution while keeping the major part of this feature. Otherwise we get
> bug reports for breaking backward compatibility without good reason.
I think th
tags 635849 help
thanks
Hi,
I think this is the risk of creating a feature without peer review.
Thanks for doing it for us. We now know that the risks are real.
Uses of shell globs have this kind of problem unless proper options are
used.
Can any of you who seem to know better on this subject props