Debian Bug report logs - #186219
fdclone: insecure temporary directory

Package: fdclone; Maintainer for fdclone is Elías Alejandro Año Mendoza <ealmdz@gmail.com>; Source for fdclone is src:fdclone.

Reported by: Tatsuya Kinoshita <tats@vega.ocn.ne.jp>

Date: Tue, 25 Mar 2003 12:18:02 UTC

Severity: grave

Tags: help, potato, security, woody

Found in version 2.00a-1

Fixed in version fdclone/2.00a-1woody3

Done: Tatsuya Kinoshita <tats@vega.ocn.ne.jp>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Taketoshi Sano <sano@debian.org>, fdclone@packages.qa.debian.org:
Bug#186219; Package fdclone.


Acknowledgement sent to Tatsuya Kinoshita <tats@vega.ocn.ne.jp>:
New Bug report received and forwarded. Copy sent to Taketoshi Sano <sano@debian.org>, fdclone@packages.qa.debian.org.


Message #5 received at submit@bugs.debian.org:

From: Tatsuya Kinoshita <tats@vega.ocn.ne.jp>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: fdclone: insecure temporary directory
Date: Tue, 25 Mar 2003 21:08:09 +0900 (JST)
Package: fdclone
Version: 2.00a-1
Severity: grave
tags: woody potato

Debian woody's fdclone 2.00a creates a temporary directory in an
insecure manner in /tmp using predictable directory names.  A
directory name generated by pid is used even if the directory has
already been created by another user.  It may be possible for a
local attacker to corrupt arbitrary files as another user.

Debian potato's fdclone 1.x seems to have the same problem.

I sent a bug report to the upstream author, then FDclone 2.02a
was released.  It seems to fix this bug.

-- 
Tatsuya Kinoshita



Tags added: security Request was from sano@debian.org to control@bugs.debian.org.


Tags added: help Request was from sano@debian.org to control@bugs.debian.org.


Reply sent to Tatsuya Kinoshita <tats@vega.ocn.ne.jp>:
You have taken responsibility.


Notification sent to Tatsuya Kinoshita <tats@vega.ocn.ne.jp>:
Bug acknowledged by developer.


Message #14 received at 186219-done@bugs.debian.org:

From: Tatsuya Kinoshita <tats@vega.ocn.ne.jp>
To: sano@debian.org, 186219-done@bugs.debian.org, 182619@bugs.debian.org
Subject: Re: Accepted fdclone 2.00a-1woody3 (i386 source)
Date: Wed, 23 Jul 2003 21:48:03 +0900 (JST)

On July 22, 2003 at 8:02PM -0400,
Taketoshi Sano <sano@debian.org> wrote:

>  fdclone (2.00a-1woody3) stable-security; urgency=high
>  .
>    * use random number instead of PID number for temporary directory
>    * do check existence of the temporary directory
>    * Closes: #182619
>    * CAN-2003-0596

I'm closing Bug#186219 instead of Bug#182619.

Thanks for the fix.

-- 
Tatsuya Kinoshita
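
The pattern described in the report and the two changelog items above, as an added C example that is not fdclone's code or the Debian patch: `tmpdir_predictable` shows the PID-named, adopt-if-exists behaviour, and `tmpdir_hardened` uses mkdtemp(3) in place of the patch's own random-number approach. The function names, the `demo` prefix and the ownership check in `tmpdir_is_private` are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE                 /* exposes mkdtemp() on glibc */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the report (sketch, not fdclone source): guessable name, and
 * an already existing directory is silently adopted. 0 = caller uses `out`. */
int tmpdir_predictable(const char *base, long id, char *out, size_t n)
{
    if (snprintf(out, n, "%s/demo%ld", base, id) >= (int)n)
        return -1;
    if (mkdir(out, 0777) != 0 && errno != EEXIST)
        return -1;
    return 0;                /* EEXIST ignored: owner and mode never checked */
}

/* Hardened: mkdtemp(3) picks an unpredictable suffix, creates the directory
 * with mode 0700, and never hands back a directory that already existed. */
int tmpdir_hardened(const char *base, char *out, size_t n)
{
    if (snprintf(out, n, "%s/demoXXXXXX", base) >= (int)n)
        return -1;
    return mkdtemp(out) ? 0 : -1;
}

/* Check before any reuse: a real directory (lstat, so not a symlink), owned
 * by the caller, with no group/other permission bits. Returns 1 if so. */
int tmpdir_is_private(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 && S_ISDIR(st.st_mode)
        && st.st_uid == geteuid() && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

int main(void)
{
    char base[] = "/tmp/tmpdemoXXXXXX", got[256];
    if (!mkdtemp(base)) return 1;
    /* Called twice: the second call adopts the directory left by the first. */
    tmpdir_predictable(base, (long)getpid(), got, sizeof got);
    int rc = tmpdir_predictable(base, (long)getpid(), got, sizeof got);
    printf("predictable rc=%d private=%d\n", rc, tmpdir_is_private(got));
    rc = tmpdir_hardened(base, got, sizeof got);
    printf("hardened    rc=%d private=%d\n", rc, tmpdir_is_private(got));
    return 0;
}
```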



Message #15 received at 186219-done@bugs.debian.org:

From: Taketoshi Sano <sano@debian.org>
To: tats@vega.ocn.ne.jp
Cc: sano@debian.org, 186219-done@bugs.debian.org, 182619@bugs.debian.org
Subject: Re: Accepted fdclone 2.00a-1woody3 (i386 source)
Date: Thu, 24 Jul 2003 06:36:35 +0900 (JST)

Ah, I just found that I wrote the wrong bug number in my patch
when I received the auto reply from the BTS. Excuse me.

In <20030723.214803.108594216.05@tats.iris.ne.jp>,
 on "Wed, 23 Jul 2003 21:48:03 +0900 (JST)",
 with "Re: Accepted fdclone 2.00a-1woody3 (i386 source)",
  Tatsuya Kinoshita <tats@vega.ocn.ne.jp> wrote:

tats> On July 22, 2003 at 8:02PM -0400,
tats> Taketoshi Sano <sano@debian.org> wrote:
tats> 
tats> >  fdclone (2.00a-1woody3) stable-security; urgency=high
tats> >  .
tats> >    * use random number instead of PID number for temporary directory
tats> >    * do check existence of the temporary directory
tats> >    * Closes: #182619
tats> >    * CAN-2003-0596
tats> 
tats> I'm closing Bug#186219 instead of Bug#182619.
tats> 
tats> Thanks for the fix.

Thank you, Tatsuya, for your whole contribution
on this (#186219) bug.

-- 
  Taketoshi Sano: <sano@debian.org>,<sano@debian.or.jp>,<kgh12351@nifty.ne.jp>




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 01:56:32 2025; Machine Name: bembo
