Report forwarded to debian-bugs-dist@lists.debian.org, bao@debian.org (Bao C. Ha): Bug#244709; Package ipmenu.
Acknowledgement sent to Akira YOSHIYAMA <yosshy@debian.or.jp>:
New Bug report received and forwarded. Copy sent to bao@debian.org (Bao C. Ha).
Subject: ipmenu creates an insecure temporary file.
Date: Tue, 20 Apr 2004 02:10:13 +0900
Package: ipmenu
Version: 0.0.3-4
ipmenu creates a temporary file named "/tmp/ipmenu.log". It's defined in
/usr/sbin/ipmenu like below:
---
#!/bin/sh
# $Id: ipmenu,v 1.10 2001/02/10 21:17:00 stes Exp $
IPLOG=${IPLOG-/tmp/ipmenu.log}
export IPLOG
(snip)
---
Temporary files, especially created by root, should be unexpectedly named
for security. In a shell script, /bin/tempfile command is useful for
naming. For example,
---
#!/bin/sh
# $Id: ipmenu,v 1.10 2001/02/10 21:17:00 stes Exp $
test -z "$IPLOG" && IPLOG=$(/bin/tempfile -p ipmenu -s .log)
export IPLOG
IPMENU=${IPMENU-/usr/lib/ipmenu}
export IPMENU
---
Tags added: security
Request was from Matt Zimmerman <mdz@debian.org> to control@bugs.debian.org.
Severity set to `grave'.
Request was from Matt Zimmerman <mdz@debian.org> to control@bugs.debian.org.
Information forwarded to debian-bugs-dist@lists.debian.org, bao@debian.org (Bao C. Ha): Bug#244709; Package ipmenu.
Acknowledgement sent to Javier Fernández-Sanguino Peña <jfs@computer.org>:
Extra info received and forwarded to list. Copy sent to bao@debian.org (Bao C. Ha).
tag 244709 patch
thanks
The bug submission includes a patch to fix the way /usr/sbin/ipmenu handles
temporary files. Although notice that it's probably best to do:
------------------------------------------------
IPLOG=$(/bin/tempfile -p ipmenu -s .log)
if [ $? -ne 0 -o ! -f "$IPLOG" ] ; then
echo "ERROR: Could not create temporary file $IPLOG"
exit 1
fi
export IPLOG
------------------------------------------------
This patch avoids trusting the environment (it might be polluted) and
checks whether the file was created correctly or not.
Regards
Javier
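A hardened version of the IPLOG setup discussed in this thread, added here as an example; it is not code from the bug report or from the ipmenu package. It uses mktemp (coreutils) in place of Debian's tempfile, and the helper names ipmenu_log_is_safe and ipmenu_safe_log are assumptions. It goes beyond the posted snippet by also validating a candidate log path (regular file, not a symlink, owned by the caller, owner-only mode) before it is trusted, which is the check a sysadmin would want if an inherited $IPLOG were ever honoured.

```sh
#!/bin/sh
# Added example, not the ipmenu script. Uses mktemp (coreutils) instead of
# Debian's tempfile; ipmenu_log_is_safe and ipmenu_safe_log are hypothetical.

# ipmenu_log_is_safe PATH: return 0 only if PATH is an existing regular
# file, not a symlink, owned by the caller, with owner-only permission
# bits. Run this before trusting any log path, e.g. one taken from $IPLOG.
ipmenu_log_is_safe() {
    p=$1
    [ -L "$p" ] && return 1          # symlink: could redirect root's writes
    [ -f "$p" ] || return 1          # must be an existing regular file
    [ -O "$p" ] || return 1          # must be owned by us
    mode=$(stat -c '%a' "$p" 2>/dev/null || stat -f '%Lp' "$p")  # GNU, then BSD
    case $mode in
        600|400|200) return 0 ;;     # no group/other bits set
        *) return 1 ;;
    esac
}

# ipmenu_safe_log [DIR]: create a fresh, unpredictably named, owner-only
# log file under DIR (default /tmp), print its path, and fail loudly
# otherwise instead of silently writing to a guessable name.
ipmenu_safe_log() {
    dir=${1:-/tmp}
    # The subshell scopes the umask; mktemp creates the file 0600 regardless,
    # the umask just guards against a later relaxed create on the same path.
    log=$(umask 077; mktemp "$dir/ipmenu.XXXXXX") || {
        echo "ERROR: could not create temporary log in $dir" >&2
        return 1
    }
    if ! ipmenu_log_is_safe "$log"; then
        echo "ERROR: $log is not a private regular file" >&2
        rm -f "$log"
        return 1
    fi
    printf '%s\n' "$log"
}

# Intended use at the top of the script (not run here):
#   unset IPLOG                      # never honour an inherited path
#   IPLOG=$(ipmenu_safe_log) || exit 1
#   export IPLOG
```

The file is deliberately left in place after the script exits, matching the maintainer's note that admins read the log to learn the generated rules; only its name and mode change.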
Source: ipmenu
Source-Version: 0.0.3-5
We believe that the bug you reported is fixed in the latest version of
ipmenu, which is due to be installed in the Debian FTP archive:
ipmenu_0.0.3-5.diff.gz
to pool/main/i/ipmenu/ipmenu_0.0.3-5.diff.gz
ipmenu_0.0.3-5.dsc
to pool/main/i/ipmenu/ipmenu_0.0.3-5.dsc
ipmenu_0.0.3-5_i386.deb
to pool/main/i/ipmenu/ipmenu_0.0.3-5_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 244709@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bao C. Ha <bao@debian.org> (supplier of updated ipmenu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
Format: 1.7
Date: Sat, 22 May 2004 18:51:33 -0800
Source: ipmenu
Binary: ipmenu
Architecture: source i386
Version: 0.0.3-5
Distribution: unstable
Urgency: low
Maintainer: Bao C. Ha <bao@debian.org>
Changed-By: Bao C. Ha <bao@debian.org>
Description:
ipmenu - A cursel iptables/iproute2 GUI
Closes: 184298 244709
Changes:
ipmenu (0.0.3-5) unstable; urgency=low
.
* Change to Standards-Version 3.6.1
* Change the IPLOG file to read/write only to the owner, since it is
sometimes used by sys admins to learn new rules. (closes: #244709).
* Fix Menu.filter! It no longer segfaults when hitting Filter/Delete
multiple times. (closes: #184298).
Files:
4ca35ecd7800f42b62d7dfc82f513e1e 590 net extra ipmenu_0.0.3-5.dsc
8cd1b367fc645590d874488ad2ca963c 2406 net extra ipmenu_0.0.3-5.diff.gz
f00651ab4b03812014d50c95680125bc 23106 net extra ipmenu_0.0.3-5_i386.deb