[Bug 513345] Review Request: iwak - Detect the openssh keys affected by CVE-2008-0166 among authorized_keys

bugzilla at redhat.com bugzilla at redhat.com
Fri Jul 24 15:21:42 UTC 2009




https://bugzilla.redhat.com/show_bug.cgi?id=513345





--- Comment #11 from Tomas Hoger <thoger at redhat.com>  2009-07-24 11:21:40 EDT ---
(In reply to comment #3)
> > cat file | wc -l   -->   wc -l file
> This is not the same (try it :)

Ah, right, more chopping needed, probably not worth it.

> > - This should have a README with a big warning that sysadmins should not be
> > tempted to use this as root as:
>
> Maybe, but the sysadmins will do it anyhow.

Probably worth a safety-net check in some future revisions?  A test checking
that the euid is the same as the owner of the file and of the file's parent
directory, and refusing to delete if not, should catch most obvious mistakes
(well, it'll turn it into a race), or a mktemp-created file instead of
$FILE.tmp?  Really just some quick thoughts...

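One way to implement the safety net suggested in comment #11, as an added example that is not code from iwak or from the commenter. It assumes the cleanup removes every line containing a fixed string from a file; `owner_uid` and `remove_matching_lines` are hypothetical names, and the symlink refusal is an extra guard that the comment does not ask for.

```shell
#!/bin/sh
# Added example: owner_uid and remove_matching_lines are hypothetical names.

# Numeric uid owning a path (for a symlink, the link itself).
owner_uid() {
    ls -ldn -- "$1" | awk '{print $3}'
}

# remove_matching_lines FILE STRING
# Rewrites FILE without the lines containing STRING, but only when the
# effective uid owns both FILE and its parent directory.
remove_matching_lines() {
    file=$1
    needle=$2
    dir=$(dirname -- "$file")
    euid=$(id -u)    # POSIX: id -u prints the effective uid

    # Extra guard beyond the comment's suggestion: regular files only.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "refusing: $file is not a regular file" >&2
        return 2
    fi

    # Safety net: root cleaning up inside another user's directory fails here.
    # This is still check-then-use, so it narrows the mistake to a race.
    if [ "$(owner_uid "$file")" != "$euid" ] ||
       [ "$(owner_uid "$dir")" != "$euid" ]; then
        echo "refusing: euid $euid does not own $file and $dir" >&2
        return 3
    fi

    # mktemp creates a new file (mode 0600) under an unpredictable name, so a
    # pre-planted "$file.tmp" is never opened or followed.
    tmp=$(mktemp "$dir/.cleanup.XXXXXX") || return 4

    rc=0
    grep -vF -- "$needle" "$file" > "$tmp" || rc=$?
    if [ "$rc" -gt 1 ]; then    # 1 only means every line was removed
        rm -f -- "$tmp"
        return 5
    fi
    mv -f -- "$tmp" "$file"     # same directory, so the rename is atomic
}
```

The rewritten file keeps the 0600 mode that mktemp assigns, which is acceptable for an authorized_keys file.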



