Description of problem:

Scriptlets contain

| %pre
| ...
| touch /tmp/dovecot-restart-after-rpm-install

As /tmp is writable by everybody, an attacker could cause the creation of arbitrary files. It would be better to use a directory like /var/run for such flags as it is writable by root only.

Version-Release number of selected component (if applicable):

dovecot-0.99.14-2.fc4

Fixed in dovecot-0.99.14-5.fc4

Same issue occurs in mailman, fixed there too: mailman-2.1.5-36.fc4
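
The check a scriptlet could make before writing such a flag, as an added example that is not code from the dovecot or mailman packages: `make_flag` and `selfcheck` are hypothetical names, and the sandbox directories are constructed stand-ins for /tmp and /var/run.

```shell
#!/bin/sh
# Added example: create a flag file only where other users cannot interfere.
# make_flag and selfcheck are hypothetical helpers, not part of any package.

make_flag() {
    flag=$1
    dir=$(dirname "$flag")
    # The directory must exist and belong to the caller (root in a scriptlet).
    [ -d "$dir" ] && [ -O "$dir" ] || return 1
    # Refuse group- or world-writable directories such as /tmp (mode 1777).
    # -L resolves a symlinked directory (e.g. /var/run -> /run) before the check.
    case $(ls -ldL "$dir") in
        d????w*|d???????w*) return 1 ;;
    esac
    # Never write through a symlink that already sits at the flag path.
    [ -L "$flag" ] && return 1
    # An existing regular file means the flag is already set.
    [ -f "$flag" ] && return 0
    # noclobber opens with O_EXCL, so creation fails if anything is at the path.
    ( set -C; : > "$flag" ) 2>/dev/null
}

selfcheck() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/shared" "$sandbox/private" "$sandbox/elsewhere"
    chmod 1777 "$sandbox/shared"     # constructed stand-in for /tmp
    chmod 0755 "$sandbox/private"    # constructed stand-in for /var/run
    rc=0
    # 1. A world-writable directory is rejected outright.
    make_flag "$sandbox/shared/restart-flag" && rc=1
    # 2. A symlink planted at the flag path is not followed.
    ln -s "$sandbox/elsewhere/created" "$sandbox/private/planted"
    make_flag "$sandbox/private/planted" && rc=1
    [ -e "$sandbox/elsewhere/created" ] && rc=1
    # 3. Normal case: the flag is created, and a second call is harmless.
    make_flag "$sandbox/private/restart-flag" || rc=1
    make_flag "$sandbox/private/restart-flag" || rc=1
    [ -f "$sandbox/private/restart-flag" ] || rc=1
    rm -rf "$sandbox"
    return $rc
}
```
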