Mailing the story:

Debian alert: New fdclone packages fix insecure temporary directory usage

  • Mailing list (Posted by on CST)
  • Story Type: Security; Groups: Debian
fdclone creates a temporary directory in /tmp as a workspace. However, if this directory already exists, the existing directory is used instead, regardless of its ownership or permissions. This would allow an attacker to gain access to fdclone's temporary files and their contents, or replace them with other files under the attacker's control.
What is your name?

What is your E-Mail address?

What is the email address of the recipient?

Add a special note from yourself?