Date: Sat, 22 Aug 1998 20:35:42 -0500 From: Alex Mottram Subject: Security concerns in linuxconf shipped w/RedHat 5.1 There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386 as upgraded from RedHat's FTP site. No other versions have been tested by me. Both the maintainer of linuxconf and RedHat Software were made aware of this problem. [root@machine SRPMS]# rpm -q linuxconf linuxconf-1.11r11-rh3 The details of the problem are neither new nor exciting so a very brief description follows: linuxconf creates at least one file in /tmp during/at execution, and will blindly follow a symlink from that file. As linuxconf is an admin tool, and can/should only be run as root, the possibilities of system smashing are multiple. A version of linuxconf that does not have this problem is available at: ftp://ftp.solucorp.qc.ca/pub/linuxconf/devel/redhat-5.1/linuxconf-1.11r19-1.i386.rpm Thanks to Jacques Gelinas (linuxconf maintainer) for releasing a fixed version quickly.