[Simon Walter] Bug#506353: mailscanner: many scripts allow local users to overwrite arbitrary files, and more, via symlink attacks

Hugo van der Kooij hvdkooij at vanderkooij.org
Fri Dec 12 16:19:00 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kai Schaetzl wrote:
> Julian Field wrote on Fri, 12 Dec 2008 11:53:15 +0000:

>> Download the -2 release and you'll be fine, that has the correct line at 
>> the top I believe.
> 
> Installed, and it's processing. Good thing about all these rapid 
> deployments after a while of not updating is that I wrote me a script now 
> that just needs the version no. and takes care of the rest.

Care to share it with the rest of the world? Put it online somewhere if
you want others to enjoy it too.

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFJQo7zBvzDRVjxmYERAqWAAKCUdxwIkUYnWG/qvH+nkpgtOncQlACgkDcX
wCW1CZrqM9T3T8+qV5F9ilY=
=YlAp
-----END PGP SIGNATURE-----


More information about the MailScanner mailing list