GLSA-200804-11 : policyd-weight: Insecure temporary file creation
Low Nessus Plugin ID 31958
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200804-11 (policyd-weight: Insecure temporary file creation)
Chris Howells reported that policyd-weight creates and uses the '/tmp/.policyd-weight/' directory in an insecure manner.
A local attacker could exploit this vulnerability to delete arbitrary files or change the ownership to the 'polw' user via symlink attacks.
Set '$LOCKPATH = '/var/run/policyd-weight/'' manually in '/etc/policyd-weight.conf'.
SolutionAll policyd-weight users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=mail-filter/policyd-weight-0.1.14.17' This version changes the default path for sockets to '/var/run/policyd-weight', which is only writable by a privileged user.
Users need to restart policyd-weight immediately after the upgrade due to this change.