Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 06 Mar 2011 16:19:04 +0700
From: Pavel Labushev <p.labushev@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- logrotate -- nine issues

06.03.2011 02:21, Solar Designer пишет:

>> At least in Gentoo there are packages
>> (ebuilds and eclasses) that create user/group-writable directories in
>> /var/log and enable logrotate to handle the log files there.
> 
> Is this something you can get fixed?

I hope it will be fixed soon. Would be nice to have CVEs assigned for these
issues anyway, just to make people aware. If even package maintainers got it
wrong, I bet there's a legion of users who also did.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ