Rémi Vanicat
2009-Aug-26 22:04 UTC
[Secure-testing-team] Bug#543785: backintime-common: backintime makes files in a backup world readable when it removes an old backup
Package: backintime-common
Version: 0.9.26-2
Severity: grave
Tags: security
Justification: user security hole

When asking backintime to remove an old backup, it first changes the mode of all files of the backup to 777, allowing potentially every local user to read and modify them before they are deleted (and this could take some time). Worse still, if a file is shared between several backups, since the file's mode is also shared, it stays world readable and writable in those other backups.

Note that one does not need to change the mode of a file to delete it: only the mode of the directory needs to be changed. The other advantage of changing the mode only for directories is that they are not shared between backups, so the changed mode doesn't stay for a long period of time.

-- System Information:
Debian Release: squeeze/sid
  APT prefers transitional
  APT policy: (500, 'transitional'), (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30.4 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages backintime-common depends on:
ii  cron            3.0pl1-106   process scheduling daemon
ii  python          2.5.4-2      An interactive high-level object-o
ii  python-support  1.0.3        automated rebuilding support for P
ii  rsync           3.0.6-1      fast remote file copy program (lik

backintime-common recommends no packages.

backintime-common suggests no packages.

-- no debconf information
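To make the two behaviours described in the report concrete, the following is an added Python example written for this page; it is not code from backintime or from the bug reporter. It builds a constructed pair of snapshot directories that share one hard-linked file (the rsync --link-dest layout backintime uses), deletes one snapshot first the way the report describes (chmod 777 on everything) and then the way the reporter suggests (raise owner bits on directories only), and returns the permission bits the surviving link in the other snapshot is left with. It assumes a Linux filesystem that supports hard links; the directory and file names and the file contents are made up.

```python
import os
import shutil
import stat
import tempfile


def mode_of(path):
    """Permission bits of `path` without the file-type bits."""
    return stat.S_IMODE(os.lstat(path).st_mode)


def make_snapshots(root):
    """Constructed layout: snapshot-b was made from snapshot-a with hard
    links, so secret.txt is a single inode reachable from both directories.
    The file is left 0400 and the snapshot directories 0500, i.e. read-only
    for the owner and inaccessible to other users."""
    snap_a = os.path.join(root, "snapshot-a")
    snap_b = os.path.join(root, "snapshot-b")
    os.mkdir(snap_a)
    os.mkdir(snap_b)
    secret_a = os.path.join(snap_a, "secret.txt")
    with open(secret_a, "w") as fh:
        fh.write("private data\n")  # constructed content
    os.link(secret_a, os.path.join(snap_b, "secret.txt"))
    os.chmod(secret_a, 0o400)  # one inode, so this mode is seen via both links
    os.chmod(snap_a, 0o500)
    os.chmod(snap_b, 0o500)
    return snap_a, snap_b


def remove_chmod_everything(snapshot):
    """Models the behaviour the report describes: every file and directory of
    the snapshot is set to 777 before deletion. Because hard-linked files
    share their inode, the 777 mode is also visible from other snapshots."""
    for dirpath, _dirnames, filenames in os.walk(snapshot):
        os.chmod(dirpath, 0o777)
        for name in filenames:
            os.chmod(os.path.join(dirpath, name), 0o777)
    shutil.rmtree(snapshot)


def remove_chmod_dirs_only(snapshot):
    """The reporter's suggestion: unlink(2) needs write and search permission
    on the containing directory, never on the file itself, so only the owner
    bits of directories (which are not hard-linked across snapshots) are
    raised. File modes, shared or not, are left untouched."""
    for dirpath, _dirnames, _filenames in os.walk(snapshot):
        os.chmod(dirpath, mode_of(dirpath) | stat.S_IRWXU)
    shutil.rmtree(snapshot)


def surviving_mode_after(strategy):
    """Delete snapshot-a with `strategy` and return the permission bits that
    snapshot-b/secret.txt, the other link to the same inode, is left with."""
    root = tempfile.mkdtemp(prefix="backup-mode-demo-")
    try:
        snap_a, snap_b = make_snapshots(root)
        strategy(snap_a)
        if os.path.exists(snap_a):
            raise RuntimeError("snapshot-a was not removed")
        return mode_of(os.path.join(snap_b, "secret.txt"))
    finally:
        # Re-enable owner access on the read-only directories so cleanup works.
        for dirpath, _dirnames, _filenames in os.walk(root):
            os.chmod(dirpath, 0o700)
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    print("chmod 777 on everything  ->",
          oct(surviving_mode_after(remove_chmod_everything)))
    print("chmod directories only   ->",
          oct(surviving_mode_after(remove_chmod_dirs_only)))
```

With the first strategy the file that still exists in snapshot-b ends up world readable and writable (0777) even though only snapshot-a was deleted; with the second it keeps its original 0400, and the directory whose mode was raised no longer exists once the deletion finishes, so nothing is left exposed.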