Re: [SuSE 9.0] possible symlink attacks in some scripts
>greetings,
Hello.
>i have done a litte reseach on a SuSE linux 9.0 box
>for possible symlink attacks. i have checked nearly
>every script i could found on the system. i havent
>found much and nothing very special.
Good.
>i dont have a
>clue if the following scripts are somewhere on the
>system executed but maybe someone useses them in a
>script or something like that.
We will fix the bugs you found, but it's always nicer
to contact us before you go public with bug-reports.
Just write an eMail to security@xxxxxxx and you will
get an answer after a few hours or less.
Bye,
Thomas
--
Thomas Biege <thomas@xxxxxxx>, SUSE LINUX AG, Security Support & Auditing
--
# If you have the "driftnet" program installed, webcollage can display a
# collage of images sniffed off your local ethernet, instead of pulled out
# of search engines: in that way, your screensaver can display the images
# that your co-workers are downloading!
-- xscreensaver source-code