Andreas Beckmann
2012-Aug-02 16:25 UTC
[Secure-testing-team] Bug#683665: openvswitch-pki: creates world writable directories: /var/lib/openvswitch/pki/*ca/incoming/
Package: openvswitch-pki
Version: 1.4.2+git20120612-7
Severity: grave
Tags: security
User: debian-qa at lists.debian.org
Usertags: piuparts
Hi,
openvswitch-pki creates the following world writable directories during
installation:
drwx-wx-wx 2 root root 40 Aug 1 05:32 /var/lib/openvswitch/pki/controllerca/incoming
drwx-wx-wx 2 root root 40 Aug 1 05:32 /var/lib/openvswitch/pki/switchca/incoming
Even if an ordinary local user cannot list the contents of the
directory, he may correctly derive/guess filenames (unless they are
exclusively $(mktemp)) and delete and replace files in there.
I don't know how openvswitch-pki works, how it uses this directory,
what problems could possibly arise out of this.
Andreas
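
An added example, not part of the original report: a shell check for the condition described above, directories writable by "other" that lack the sticky bit (such as mode 0733, drwx-wx-wx). The function names and the temporary sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report or the openvswitch package).
# In a directory with the other-write bit and no sticky bit, any local user
# can unlink or rename entries they do not own, even without read access.

# audit_world_writable ROOT
# Prints one line per directory under ROOT that is o+w without the sticky bit.
audit_world_writable() {
    root=$1
    [ -d "$root" ] || return 2
    # -perm -0002   : other-write bit is set
    # ! -perm -1000 : sticky bit is not set
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# make_sample_tree
# Builds a constructed tree that mirrors the reported layout and prints its
# path. The subshell body keeps the umask change local to this function.
make_sample_tree() (
    umask 022
    t=$(mktemp -d) || exit 1
    mkdir -p "$t/pki/controllerca/incoming" \
             "$t/pki/switchca/incoming" \
             "$t/pki/private"
    chmod 0733 "$t/pki/controllerca/incoming"  # as reported: drwx-wx-wx
    chmod 1733 "$t/pki/switchca/incoming"      # same bits plus sticky
    chmod 0700 "$t/pki/private"                # not writable by others
    printf '%s\n' "$t"
)

# When called with a directory argument, audit it.
if [ "$#" -gt 0 ]; then
    audit_world_writable "$1"
fi
```

Run with `/var/lib/openvswitch/pki` as the argument to check the directories named in the report; only directories matching the reported permission pattern are printed.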