Red Hat Bugzilla – Bug 70768
World writable /usr/games/Maelstrom/Maelstrom-Scores
Last modified: 2014-03-16 22:29:45 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020712
Description of problem:
The file /usr/games/Maelstrom/Maelstrom-Scores has evil 666 permissions. This is
bad because it can be used to bypass quota restrictions, and even worse since
this file is loaded processed by the game, depending on how securely it is
processed, someone might be able to exploit any user who runs the game.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Actual Results: n/a
Expected Results: n/a
Still in Null.
corrected in 3.0.5-4 and later.