Mailinglist Archive: opensuse (4547 mails)

< Previous Next >
Potential security problem in SuSE-9.1
  • From: Mark Gray <markgray-temp-1083765299@xxxxxxxxxxxx>
  • Date: 31 May 2004 14:14:42 -0400
  • Message-id: <6ssmdg4g6l.fsf@xxxxxxxxxxxx>
Is there a good email address to send information about a bug which
might represent a security problem for someone using SuSE-9.1?

It is a slight problem, but would allow a Trojan with write access to
a certain user owned directory to have a program executed as root.
Even without that being a problem, an unluckily named program in that
directory WILL be executed as root which could have surprising
results for the program which runs it.

< Previous Next >
Follow Ups