Bug #69277 for Data-UUID: Insecure usage of /tmp/.UUID

RT for rt.cpan.org

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Data-UUID CPAN distribution.

Report information

The Basics

Id:	69277
Status:	rejected
Priority:	0/
Queue:	Data-UUID

People

Owner:	Nobody in particular
Requestors:	tim [...] retout.co.uk
Cc:
AdminCc:

Bug Information

Severity:	Critical
Broken in:	1.217
Fixed in:	(no value)

History Show all quoted text

Mon Jul 04 18:18:25 2011 tim [...] retout.co.uk - Ticket created

Subject:

Insecure usage of /tmp/.UUID_STATE

A symlink attack via Data::UUID seems to be possible. As user2: ln -s /home/user1/test-file /tmp/.UUID_STATE As user1: perl -MData::UUID -e 'Data::UUID->new' Then /home/user1/test-file is overwritten. I could not achieve the same result via /tmp/.UUID_NODEID, but I have not studied this carefully.

Tue Jul 30 17:17:34 2013 tim [...] retout.co.uk - Correspondence added

Reposted at https://github.com/rjbs/Data-UUID/issues/5 which is now the preferred bug tracker.

Tue Jul 30 17:20:51 2013 rjbs [...] cpan.org - Correspondence added

Thanks. As it's now there, I'm closing it here. -- rjbs

Tue Jul 30 17:20:51 2013 The RT System itself - Status changed from 'new' to 'open'

Tue Jul 30 17:20:52 2013 rjbs [...] cpan.org - Status changed from 'open' to 'rejected'

Bug #69277 for Data-UUID: Insecure usage of /tmp/.UUID_STATE

Preferred bug tracker