106039 – Insecure temporary files in /sbin/rename_netiface

Bug 106039 - Insecure temporary files in /sbin/rename_netiface

Summary: Insecure temporary files in /sbin/rename_netiface

Status:	RESOLVED DUPLICATE of bug 104606

Alias:	None

Product:	SUSE LINUX 10.0
Classification:	openSUSE
Component:	Security (show other bugs)
Version:	Beta 2
Hardware:	Other All

Priority:	P5 - None Severity: Major
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-08-21 08:55 UTC by Stefan Nordhausen
Modified:	2005-08-22 07:15 UTC (History)
CC List:	0 users

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Nordhausen 2005-08-21 08:55:43 UTC

/sbin/rename_netiface insecurely creates the file /tmp/rename_netiface.log,
which is easily exploitable (just did it). The entire script should be converted
to using mktemp.

Comment 1 Ludwig Nussel 2005-08-22 07:15:14 UTC


*** This bug has been marked as a duplicate of 104606 ***