Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
ecryptfs-utils.import4986
CVE-2011-1835.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2011-1835.patch of Package ecryptfs-utils.import4986
Description: fix key poisoning via insecure temp directory handling Author: Marc Deslauriers <marc.deslauriers@canonical.com> Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628 Index: ecryptfs-utils-87/src/utils/ecryptfs-setup-private =================================================================== --- ecryptfs-utils-87.orig/src/utils/ecryptfs-setup-private 2011-07-29 13:04:35.039423874 -0400 +++ ecryptfs-utils-87/src/utils/ecryptfs-setup-private 2011-07-29 13:05:03.769423866 -0400 @@ -380,7 +380,7 @@ # ramdisk, to keep it from leaking to the hard-drive. temp=`mktemp /dev/shm/.ecryptfs-XXXXXX` printf "%s" "$MOUNTPASS" > "$temp" - mv "$temp" "/dev/shm/.ecryptfs-$USER" + mv -f -T "$temp" "/dev/shm/.ecryptfs-$USER" || error "Could not create passphrase file" else printf "%s\n%s" "$MOUNTPASS" "$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "$(gettext 'Could not wrap passphrase')" fi
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor