[Simon Walter] Re: Bug#506353: mailscanner: many scripts allow local users to overwrite arbitrary files, and more, via symlink attacks

Desai, Jason jase at sensis.com
Tue Dec 9 15:40:24 GMT 2008


> As far as fixing the problem, many systems have a mktemp utility that
> can be used to securely create a temporary file (which is typically
> just a wrapper around the system's mkstemp() function, if present.)
> Since that's not really portable, though, you might be better off
> porting the remaining autoupdate shell scripts to perl, where you can
> use sysopen(HANDLE, "/tmp/file", ...|O_EXCL), which will fail if the
> file already exists.  Alternately, the fix for the trend-autoupdate
> script in the latest version of MailScanner should work in the other
> shell scripts as well, but it's not very elegant.

Or maybe be able to specify a working directory which the update scripts
would use which is not world writable, but writable only by the
MailScanner user?

Jase


More information about the MailScanner mailing list