|Tags||iptables firewalls perl parsing|
1.610 Nov 2015 15:10 security: - (Miloslav Trmač) Fixed a vulnerability to not use predictable names for temporary files. This vulnerability would allow an attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. If a user manually overrides the temporary file locations with the 'iptout' and 'ipterr' hash keys, it is recommended to not use predictable names either. - Updated to use the '-w' argument on the iptables command line (a test is performed to see if it is supported). This acquires an exclusive lock on iptables command execution. This can be disable by the user if necessary by setting the new lockless_ipt_exec hash key.
Submitted byMichael Rash
ManageYou can also help out here by:
← Update project
or flagging this entry for moderator attention.