Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.3
apport
apport-lp357024.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apport-lp357024.diff of Package apport
From: Martin Pitt <martin.pitt@ubuntu.com> etc/cron.daily/apport: Only attempt to remove files and symlinks, do not descend into subdirectories of /var/crash/. Doing so might be exploited by a symlink attack in an evil fuse file system or a race condition between find traversing a huge directory tree, changing an existing subdir into a symlink to e. g. /etc/, and finally getting that piped to rm. Thanks to Stephane Chazelas for discovering this! (LP: #357024) --- debian/apport.cron.daily | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: b/debian/apport.cron.daily =================================================================== --- a/debian/apport.cron.daily +++ b/debian/apport.cron.daily @@ -1,5 +1,5 @@ #!/bin/sh -e # clean all crash reports which are older than a week. [ -d /var/crash ] || exit 0 -find /var/crash -mindepth 1 -mtime +7 -print0 | xargs -0 rm -f -find /var/crash -mindepth 1 -empty -print0 | xargs -0 rm -f +find /var/crash -mindepth 1 -maxdepth 1 \( -type f -o -type l \) -mtime +7 -print0 | xargs -0 rm -f +find /var/crash -mindepth 1 -maxdepth 1 \( -type f -o -type l \) -empty -print0 | xargs -0 rm -f
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor