[Bug 909189] Re: Request for new upstream version 1.2 upgrade.
Julian Taylor
jtaylor.debian at googlemail.com
Sat Jan 14 15:25:47 UTC 2012
just to illustrate why creating a file and then chmod'ing it is wrong.
I by accident start a script with my normal user permissions which contains this:
file = inotifywait -e create /path/to/wakup/tmpdir | grep CREATE | awk '{$3}'
echo "... do-bad-stuff" >> file
this can now win the race condition and write arbitrary data to the file before wakup chmod's the file to be only root rightable.
now the script gained root access while it before only had normal user access.
better create the file with the correct permissions in the first place,
or truncate the file when root writes to it.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/909189
Title:
Request for new upstream version 1.2 upgrade.
Status in “wakeup” package in Ubuntu:
Fix Committed
Bug description:
Adds some important features (user-defined hot text items/commands),
as well as some important bug fixes.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wakeup/+bug/909189/+subscriptions
More information about the Ubuntu-sponsors
mailing list