CVE-2009-2939
Published: 21 September 2009
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
Priority
Notes
Author | Note |
---|---|
jdstrand | per Weitse, the symlink attack should not be possible due to defensive programming. A subverted postfix process running as 'postfix' could replace the pid file, which master could then send signals to. |