https://bugzilla.redhat.com/show_bug.cgi?id=1135624

            Bug ID: 1135624
           Summary: perl-Clipboard: insecure temporary file usage
           Product: Security Response
         Component: vulnerability
          Keywords: Security
          Severity: low
          Priority: low
          Assignee: security-response-team@xxxxxxxxxx
          Reporter: vdanen@xxxxxxxxxx
                CC: iarnell@xxxxxxxxx, mkreder@xxxxxxxxx,
                    perl-devel@xxxxxxxxxxxxxxxxxxxxxxx

It was reported [1],[2] that the clipedit program as shipped with
perl-Clipboard uses temporary files insecurely (based on the PID of the
running program). Using symlink attacks, an attacker could cause the
deletion of arbitrary files that the user running clipedit has write
access to.

    [...]
    my $tmpfilename = "/tmp/clipedit$$";
    open my $tmpfile, ">$tmpfilename" or die "Failure to open $tmpfilename: $!";
    print $tmpfile $orig;
    close $tmpfile;
    [...]
    system($ed, $tmpfilename);

    open $tmpfile, $tmpfilename or die "Failure to open $tmpfilename: $!";
    my $edited = join '', <$tmpfile>;
    [...]
    unlink($tmpfilename) or die "Couldn't remove $tmpfilename: $!";

[1] http://seclists.org/oss-sec/2014/q3/467
[2] https://rt.cpan.org/Public/Bug/Display.html?id=98435
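
A hardened form of the temporary-file handling quoted in the report, as an added example that is not from the report, the linked tickets, or the Clipboard distribution. The helper name edit_text, the file name buffer.txt, and the use of `true` as a stand-in editor are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: hardened rewrite of the temp-file handling quoted above.
use strict;
use warnings;
use Fcntl qw(O_CREAT O_EXCL O_WRONLY);
use File::Temp ();

# edit_text() is a hypothetical helper name; $ed is the editor command.
sub edit_text {
    my ($orig, $ed) = @_;

    # Private directory (mode 0700, random name) instead of /tmp/clipedit$$:
    # other local users cannot pre-create or symlink names inside it.
    my $dir = File::Temp->newdir('clipedit-XXXXXXXX', TMPDIR => 1);
    my $tmpfilename = "$dir/buffer.txt";    # hypothetical file name

    # O_CREAT|O_EXCL fails if the name already exists and does not
    # follow a symlink at the final path component.
    sysopen(my $out, $tmpfilename, O_CREAT | O_EXCL | O_WRONLY, 0600)
        or die "Failure to open $tmpfilename: $!";
    print {$out} $orig;
    close $out or die "Failure to write $tmpfilename: $!";

    # List form of system(): the file name never passes through a shell.
    system($ed, $tmpfilename) == 0
        or die "Editor '$ed' failed: $?";

    # Three-argument open, so the name is never parsed for a mode prefix.
    # Reading by name is safe because the directory is private, and it
    # still works when the editor replaces the file by rename.
    open(my $in, '<', $tmpfilename)
        or die "Failure to open $tmpfilename: $!";
    my $edited = do { local $/; <$in> };
    close $in;

    # $dir and everything in it are removed when $dir goes out of scope,
    # so no unlink() on a predictable path is needed.
    return $edited;
}

# Constructed demo: 'true' stands in for an editor that changes nothing.
my $result = edit_text("constructed sample text\n", 'true');
print $result eq "constructed sample text\n" ? "unchanged\n" : "changed\n";
```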