Bug#404743: CVE-2006-6698: local DoS vulnerability due to
insecure tempdir handling
joss at debian.org
Thu Dec 28 09:59:33 CET 2006
Le mercredi 27 décembre 2006 à 23:55 +0100, Stefan Fritsch a écrit :
> Package: gconf2
> Version: 2.16.0-3
> Severity: important
> Tags: security
> A vulnerability has been reported in gconfd:
> The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files
> under directories with names based on the username, even when
> GCONF_GLOBAL_LOCKS is not set, which allows local users to cause a
> denial of service by creating the directories ahead of time, which
> prevents other users from using Gnome.
> for details. Please mention the CVE id in the changelog.
This is a known problem that upstream doesn't find serious enough to fix
it. The solution is to turn on global locking by default - currently it
is enabled with the GCONF_LOCAL_LOCKS environment variable. However, it
can break when /home is on NFS with some kind servers. I intended to
make this change post-etch so that we had time to see how it breaks.
If the release managers want to, I can upload this change to unstable. I
can also provide a backport for etch if the security team wants to issue
an advisory, but be warned that this change is not harmless - although
an environment variable will enable local locking if an user wants to
revert to the current behavior.
: :' : We are debian.org. Lower your prices, surrender your code.
`. `' We will add your hardware and software distinctiveness to
`- our own. Resistance is futile.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Ceci est une partie de message
Url : http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20061228/52212743/attachment.pgp
More information about the Pkg-gnome-maintainers