Message174319
I think this is a legitimate security bug.
the malicious program needs to create a file with a certain name in the home dir.
If a user runs say IDLE (or another tk app) with root priveleges using sudo, the file will be run with root priveleges. |
|
Date |
User |
Action |
Args |
2012-10-31 16:30:14 | Ramchandra Apte | set | recipients:
+ Ramchandra Apte, terry.reedy, gpolo, Arfrever |
2012-10-31 16:30:14 | Ramchandra Apte | set | messageid: <1351701014.31.0.95417348343.issue16248@psf.upfronthosting.co.za> |
2012-10-31 16:30:14 | Ramchandra Apte | link | issue16248 messages |
2012-10-31 16:30:14 | Ramchandra Apte | create | |
|