Report forwarded to debian-bugs-dist@lists.debian.org, Jonas Smedegaard <dr@jones.dk>: Bug#338920; Package migrationtools.
Acknowledgement sent to Jason Hoover <jason@tinicumartandscience.org>:
New Bug report received and forwarded. Copy sent to Jonas Smedegaard <dr@jones.dk>.
From: Jason Hoover <jason@tinicumartandscience.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: migrationtools: Insecure handling of temporary files
Date: Sun, 13 Nov 2005 15:26:37 -0500
Package: migrationtools
Version: 46-1
Severity: critical
Tags: security
Justification: root security hole
Migrationtools leaves insecure temporary files containing information from /etc/shadow.
When it fails to add information, it creates files like nis.<bunchofnumbers>.ldif which are world
readable. This can contain encrypted passwords from /etc/shadow, and by default, includes the root
account (unless you modify migrate_common.ph with minuid).
This is probably a bad thing(tm).
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.14-686-smp
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages migrationtools depends on:
ii ldap-utils [openldap-utils] 2.2.23-8 OpenLDAP utilities
ii perl 5.8.4-8 Larry Wall's Practical Extraction
-- no debconf information
Information forwarded to debian-bugs-dist@lists.debian.org, Jonas Smedegaard <dr@jones.dk>: Bug#338920; Package migrationtools.
Acknowledgement sent to Martin Samuelsson <debianbts@cos.user.lysator.liu.se>:
Extra info received and forwarded to list. Copy sent to Jonas Smedegaard <dr@jones.dk>.
tags 338920 + patch
thanks,
Jason Hoover @ 2005-11-13 (Sunday), 15:26 (-0500)
> Migrationtools leaves insecure temporary files containing information from /etc/shadow.
Attached is a patch that calls mktemp at appropriate places. I took the
liberty to change the variable names used from TMPDIR to TEMPDIR, as the
first one has a special meaning.
During a test run it seemed to still work for me, without leaving any
world readable files around.
--
/Martin
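The problem the report describes and the fix Martin's patch applies, side by side, as an added example (shell code written for this page, not code from migrationtools or from the patch itself): the weak function builds the file name from the PID and inherits the caller's umask, the hardened one lets mktemp create the file. The `nis.<pid>.ldif` naming and the TEMPDIR variable are taken from the thread; the LDIF content is a constructed sample rather than a real /etc/shadow entry, and `file_mode` and `world_readable` are helpers added here.

```shell
#!/bin/sh
# Added example; not code from migrationtools or from the patch in this bug.
# The nis.<pid>.ldif naming and the TEMPDIR variable follow the bug text; the
# LDIF content is constructed sample data, not a real /etc/shadow entry.

TEMPDIR="${TEMPDIR:-/tmp}"
SAMPLE_LDIF='dn: uid=sample,ou=People,dc=example,dc=org
userPassword: {crypt}CONSTRUCTED-SAMPLE-HASH'

# Weak pattern (what the report describes): a guessable name built from the
# PID, opened with the caller's umask. Under the usual umask 022 the file is
# created 0644, so any local user can read the password hashes dumped into it.
# The body runs in a subshell so the umask change does not leak to the caller.
weak_tempfile() (
    umask 022
    f="$TEMPDIR/nis.$$.ldif"
    printf '%s\n' "$SAMPLE_LDIF" > "$f" || exit 1
    printf '%s\n' "$f"
)

# Hardened pattern (what the patch does): let mktemp create the file.
# mktemp creates it exclusively with mode 0600 and an unguessable name, so no
# other user can read it and nobody can pre-place a symlink at a known path.
# umask 077 is belt and braces for anything else the script might write.
safe_tempfile() (
    umask 077
    f=$(mktemp "$TEMPDIR/nis.ldif.XXXXXX") || exit 1
    printf '%s\n' "$SAMPLE_LDIF" > "$f" || exit 1
    printf '%s\n' "$f"
)

# Symbolic mode string of a file, e.g. -rw-r--r-- (ls rather than stat, for
# portability between GNU and BSD userlands).
file_mode() {
    ls -ld "$1" | cut -c1-10
}

# Succeeds when the "other" read bit is set: the condition the report complains about.
world_readable() {
    case "$(file_mode "$1")" in
        ???????r??) return 0 ;;
        *)          return 1 ;;
    esac
}

# Stand-alone demo: create one file each way, show the modes, clean up.
w=$(weak_tempfile)
s=$(safe_tempfile)
printf 'weak: %s %s\n' "$(file_mode "$w")" "$w"
printf 'safe: %s %s\n' "$(file_mode "$s")" "$s"
rm -f "$w" "$s"
```

Running it prints `-rw-r--r--` for the weak file and `-rw-------` for the mktemp one. The 0600 mode comes from mktemp itself and does not depend on the umask; the `umask 077` only protects other files the script might create. BSD mktemp requires the template to end in X's, which is why the example puts the random part after `.ldif` instead of reproducing the `nis.<pid>.ldif` order exactly.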
Tags added: patch
Request was from Martin Samuelsson <debianbts@cos.user.lysator.liu.se>
to control@bugs.debian.org.
Information forwarded to debian-bugs-dist@lists.debian.org, Jonas Smedegaard <dr@jones.dk>: Bug#338920; Package migrationtools.
Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Copy sent to Jonas Smedegaard <dr@jones.dk>.
Hello,
Since this bug is trivial to fix, and has been open for two months, I am
going to fix it by NMU. If you are unhappy with anything about the NMU,
please override it.
Thanks,
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
To: Stephen Gran <sgran@debian.org>, 338920@bugs.debian.org
Subject: Re: Bug#338920: Patch for NMU for this bug
Date: Mon, 30 Jan 2006 13:27:46 +0100
On Sun, 29 Jan 2006 15:19:46 +0000
Stephen Gran <sgran@debian.org> wrote:
> Since this bug is trivial to fix, and has been open for two months, I
> am going to fix it by NMU. If you are unhappy with anything about
> the NMU, please override it.
I am fine with the fix (and embarrassed that I didn't find time to do
it myself for so long). Thanks a lot for your help here!
- Jonas
--
* Jonas Smedegaard - idealist and Internet architect
* Tel.: +45 40843136 Website: http://dr.jones.dk/
- The end is near: http://www.shibumi.org/eoti.htm
Bug marked as fixed in version 46-2.1, send any further explanations to Jason Hoover <jason@tinicumartandscience.org>
Request was from "Adam D. Barratt" <debian-bts@adam-barratt.org.uk>
to control@bugs.debian.org.
Message sent on to Jason Hoover <jason@tinicumartandscience.org>:
Bug#338920.
# Hi,
#
# These bugs were fixed in an NMU, but have not been acknowledged by the
# maintainers. With version tracking in the Debian BTS, it is important
# to know which version of a package fixes each bug so that they can be
# tracked for release status, so I'm closing these bugs with the
# relevant version information now.
close 331601 0.11.3-1.3
close 331607 0.11.3-1.3
close 332216 2005.08.R1-1.1
close 332237 0.11.3-1.4
close 332389 3.1.2-0.1
close 332424 2.6.1-6sarge1
close 325490 0.7.1-1.1
close 332451 0.7.1-1.1
close 332507 0.4.5+cvs20030824-1.5
close 332702 1.5-2.1
close 332703 2.1.19-1.7
close 332808 2.0.12-1.5
close 332896 2.6.2.pre2-1.1
close 333035 0.12-8.1
close 342420 0.12-8.1
close 333046 2.2-5.1
close 333460 1.0-23.2
close 333857 1.0-23.2
close 333885 1.0.20040603-1.1
close 340743 1.0.20040603-1.1
close 334252 20031130-2.1
close 334320 1.4.2-5.1
close 334651 3.0-4.1
close 335126 0.5.3-1.1
close 335144 3.1.1-4.1
close 335146 0.2-1.1
close 335252 0.4.0-1.1
close 335274 0.13-3.2
close 335567 0.4.5+cvs20030824-1.6
close 335719 3.0.cvs20050714-1.1
close 335842 3.10-1.1
close 336168 1.4-2.1
close 336312 0.2.4-4.1
close 336485 2.1.19.dfsg1-0.3
close 379846 2.1.19.dfsg1-0.3
close 336535 2005.08.R1-1.2
close 336710 1:3.2.6-2.1
close 337246 1.0.1-6.1
close 337453 0.9b3-2.1
close 337495 2.09-2sarge1
close 337576 20.0-1.1
close 337593 1.1.3-5.1
close 339192 1.1.3-5.1
close 346695 1.1.3-5.1
close 347154 1.1.3-5.1
close 337708 1.20-2.1
close 337711 0.5-0.2
close 338327 1.9-11.1
close 340076 1.9-11.1
close 345223 1.9-11.1
close 338370 1.35-4.1
close 338432 2.3.3-6.2
close 338483 0.95-1.3
close 338537 1.6-1.1
close 338920 46-2.1
close 339024 4.2.24-1.1
close 341234 4.2.24-1.1
close 339073 1.5.19-20+sarge1
close 339103 0.5.0-1.1
close 339187 6:6.2.4.5-0.3
close 339220 0.6.5-2
close 339225 1.0.4-1.2
close 339226 2.6.1-2.2
close 339236 2.6.2.pre2-1.2
close 339241 1.2.2-4.1
close 339250 6.4-1.1
close 339267 4.2.0-8.1
close 339268 0.7.2-1.1
close 339280 0.1.5.9+cvs.2004.02.07-3.3
close 339711 2.0pl5-19.4
close 339806 0.8pre1-6.1
close 339835 2.11b-1.4
close 340010 1.3-2.2
close 340084 1:1.2.3-9.1
close 340163 0.2.9-5.1
close 340174 0.99.44-0.1
close 340516 1.1.6-2.1
close 340577 1.1.0.20050815-2.1
close 341011 1.8-1.1
close 341975 0.70.1-1.1
close 342035 0.70.1-1.1
close 342322 9.4.2-2.5
close 346188 9.4.2-2.5
close 347153 9.4.2-2.5
close 343035 0.3b.19990815-3.1
close 343771 4.3.9-2.1
close 343782 1.3.13.1-4.1
close 343795 0.5.8-0.1
close 343804 0.3.7-4.1
close 343912 0.0.4-2.1
close 343989 8.4.11-1.1
close 344029 2.1-5.1
close 344254 2.0.9-3.2
close 344447 0.79-3.1
close 344503 9.4.2-2.7
close 345737 2.1.19-1.8
close 345880 2.1.19-1.8
close 344742 0.1.14-1.1
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 24 Jun 2007 19:51:19 GMT)