Since the job is running as root, and on people.fedoraproject.org, it
can be abused by a non-admin user using a symlink in /tmp (just a simple for loop over the pid space would be enough). Then we can at best erase an almost arbitrary file (using a creative symlink), or at worst, maybe inject data that could be parsed by some software (since the content would be under the control of an attacker, since that's the list of files in users' home directories).
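The private-scratch-directory pattern this commit message argues for, as an added example that is not the playbook's own script: it assumes GNU coreutils mktemp (for --tmpdir) and a POSIX sh, and the function and file names are illustrative.

```shell
#!/bin/sh
# Added example, not the repository's clamscan script.
# Assumes GNU mktemp (--tmpdir) and POSIX sh.

# Create a private scratch directory under $TMPDIR (default /tmp) and print
# its path. mktemp -d creates it with mode 0700 and an unpredictable name, so
# another local user cannot pre-plant a symlink at the path the way they can
# with a guessable fixed name such as /tmp/clamscan_filelist.<pid>.
make_scratch_dir() {
    dir=$(mktemp -d --tmpdir clamav_example.XXXXXX) || return 1
    # Refuse anything that is not a real directory (mktemp guarantees this,
    # but the check keeps a later edit from silently weakening it).
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        return 1
    fi
    printf '%s\n' "$dir"
}

# Write the list of regular files below $1 into a fresh scratch directory
# and print the list's path. Fails (returns 1) if the scratch directory
# cannot be created, so the caller never falls through to a path such as
# "/clamscan_filelist.1234" built from an empty variable.
write_filelist() {
    scandir=$1
    scratch=$(make_scratch_dir) || return 1
    filelist="$scratch/clamscan_filelist.$$"
    find "$scandir" -type f > "$filelist" || return 1
    printf '%s\n' "$filelist"
}

# Remove a scratch directory. Intended for a trap so it also runs on EXIT:
#   trap 'cleanup_scratch "$scratch"' EXIT
cleanup_scratch() {
    [ -n "$1" ] && [ -d "$1" ] && rm -rf -- "$1"
}
```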
parent 02156cb213
commit b811b3daf4
1 changed file with 2 additions and 1 deletion
@@ -6,7 +6,8 @@
 LOGFILE="/var/log/clamscan.log"
 MAILTO="{{ clamscan_mailto }}"
 DAYS=7
-FILELIST="/tmp/clamscan_filelist.$$"
+TMPCLAMDIR=$(mktemp -d clamav_ansible.XXXXXX)
+FILELIST="$TMPCLAMDIR/clamscan_filelist.$$"
 
 rm -f $LOGFILE
 
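Review bot: the template on the added TMPCLAMDIR line, `mktemp -d clamav_ansible.XXXXXX`, has no directory component, so the directory is created relative to the cron job's current working directory (for a root crontab typically / or /root) rather than under /tmp; use `mktemp -d --tmpdir clamav_ansible.XXXXXX` (or `mktemp -d /tmp/clamav_ansible.XXXXXX`). The result is also unchecked: if mktemp fails, TMPCLAMDIR is empty and the next line sets FILELIST to "/clamscan_filelist.$$", so append `|| exit 1`. With a unique directory the `$$` suffix is redundant, and nothing in this hunk removes TMPCLAMDIR afterwards; if the rest of the script does not already do so, add `trap 'rm -rf "$TMPCLAMDIR"' EXIT` right after creating it.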