Kevin Dalley wrote:
> This problem was reported by a Debian user with xsane-0.49.
>
> With this version of xsane it is possible to let a user overwrite his
> own files. Take for example user A with UID 1000 and user B who wants
> to overwrite a file of A. In this case B creates a symlink
> /tmp/preview-level-0-1000-mustek:_dev_sg1.ppm (1000 is the UID of user
> A, mustek:_dev_sg1.ppm is the specification of the scanner) to some
> file owned by user A, which B wants to be overwritten. The next time
> user A uses xsane in combination with the preview window, it will
> overwrite the file that the symlink points to, without asking
> first.
>
> IMHO xsane should check whether the preview file in /tmp is a real
> file and whether it is owned by the user who runs xsane. Otherwise
> this is a security hole.
>
>
Hi Kevin,
thanks for that info,
I will think about a good solution.
Bye
Oliver
--
Homepage: http://www.wolfsburg.de/~rauch
sane-umax: http://www.wolfsburg.de/~rauch/sane/sane-umax.html
xsane: http://www.wolfsburg.de/~rauch/sane/sane-xsane.html
E-Mail: mailto:Oliver.Rauch@Wolfsburg.DE

--
Source code, list archive, and docs: http://www.mostang.com/sane/
To unsubscribe: echo unsubscribe sane-devel | mail majordomo@mostang.com
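
The check proposed in the report above (the preview file must be a real file owned by the user running xsane), as an added example that is not xsane code or part of the original messages. The function name open_preview_checked is hypothetical; the check is made on the opened descriptor rather than on the path name, so the file cannot be swapped between the check and the write.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not from xsane): open a preview file for writing only
 * if it does not exist yet, or is a regular file owned by the calling user.
 * Returns a file descriptor, or -1 with errno set. */
int open_preview_checked(const char *path)
{
    struct stat st;
    /* New file: O_EXCL refuses any existing name, a symlink included. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd >= 0 || errno != EEXIST)
        return fd;
    /* Existing name: do not follow a symlink, do not truncate yet. */
    fd = open(path, O_WRONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;                    /* ELOOP when path is a symlink */
    /* Inspect the object that was opened: regular file, owned by us,
     * and not a hard link to a file that also lives somewhere else. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    if (ftruncate(fd, 0) != 0) {      /* safe to discard old contents now */
        close(fd);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s PREVIEW_PATH\n", argv[0]);
        return EXIT_FAILURE;
    }
    int fd = open_preview_checked(argv[1]);
    if (fd < 0) {
        perror(argv[1]);
        return EXIT_FAILURE;
    }
    close(fd);
    return EXIT_SUCCESS;
}
```

Creating the preview file with mkstemp() in a per-user directory avoids the predictable name altogether.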
This archive was generated by hypermail 2b29 : Sun Feb 27 2000 - 23:15:08 PST