forked from mirrors/nixpkgs
731917a800
printer driver and wrapper are often not written with security in mind. While reviewing https://github.com/NixOS/nixpkgs/pull/25654 I found a symlink-race vulnerability within the wrapper code, when writing unique files in /tmp. I expect this script to be reused in other models as well as similar vulnerabilities in the code of other vendors. Therefore I propose to make /tmp of cups.service private so that only processes with the same privileges are able to access these files. |
||
|---|---|---|
| .. | ||
| doc/manual | ||
| lib | ||
| maintainers | ||
| modules | ||
| tests | ||
| COPYING | ||
| default.nix | ||
| README | ||
| release-combined.nix | ||
| release-small.nix | ||
| release.nix | ||
*** NixOS *** NixOS is a Linux distribution based on the purely functional package management system Nix. More information can be found at http://nixos.org/nixos and in the manual in doc/manual.