SPECS: courier.spec - world accessible suid root in cgi-bin?!
glen
glen at pld-linux.org
Sat Nov 19 17:07:28 CET 2005
Author: glen Date: Sat Nov 19 16:07:28 2005 GMT
Module: SPECS Tag: HEAD
---- Log message:
- world accessible suid root in cgi-bin?!
---- Files affected:
SPECS:
courier.spec (1.121 -> 1.122)
---- Diffs:
================================================================
Index: SPECS/courier.spec
diff -u SPECS/courier.spec:1.121 SPECS/courier.spec:1.122
--- SPECS/courier.spec:1.121 Sat Nov 19 16:59:21 2005
+++ SPECS/courier.spec Sat Nov 19 17:07:23 2005
@@ -818,6 +818,7 @@
%files webadmin
%defattr(644,root,root,755)
+# suid root to cgi-bin??? and it's not secured by apache config!
%attr(4755,root,root) %{_cgibindir}/webadmin
%attr(700,daemon,daemon) %dir %{_sysconfdir}/webadmin
%attr(700,daemon,daemon) %dir %{_sysconfdir}/webadmin/added
@@ -911,6 +912,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.122 2005/11/19 16:07:23 glen
+- world accessible suid root in cgi-bin?!
+
Revision 1.121 2005/11/19 15:59:21 glen
- use apache config triggers
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SPECS/courier.spec?r1=1.121&r2=1.122&f=u
More information about the pld-cvs-commit
mailing list