Date: Mon, 7 Mar 2011 12:54:19 +0000 From: Paul Martin <pm@...ian.org> To: Jan Kaluža <jkaluza@...hat.com> Cc: Solar Designer <solar@...nwall.com>, oss-security@...ts.openwall.com, "Steven M. Christey" <coley@...us.mitre.org>, Stefan Fritsch <sf@...itsch.de>, Florian Zumbiehl <florz@...rz.de>, Petr Uzel <petr.uzel@...e.cz>, Thomas Biege <thomas@...e.de> Subject: Re: CVE Request -- logrotate -- nine issues On Mon, Mar 07, 2011 at 01:21:05PM +0100, Jan Kaluža wrote: > I think logrotate should skip rotation of files in unsafe > directories and show error message instead. Logrotate should also > contain something like "--force" switch (this name is already used, > so we have to find better one, but I don't have anything better in > mind just now). With this switch logrotate should *not* skip unsafe > directories and rotate them as it currently does, but show the error > message. Basically it allows backward compatibility. "--override-unsafe-directory-check" perhaps? Make it a long option, so that there is no doubt that the user is doing something that's potentially dangerous. (I am following this discussion with great interest.) -- Paul Martin <pm@...ian.org>
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ