COMMAND

    setup

SYSTEMS AFFECTED

    Slackware Linux

PROBLEM

    Suman_Saraf found out that the setup program in Slackware creates
    a file called hdtest in /tmp without checking whether it already
    exists. So a malicious user could just create a symlink at that
    name pointing to any root owned file and it will get fucked up
    when the administrator runs setup.

    In the case that was tested, a symlink to /etc/passwd was created,
    and after exiting setup the file contained only "EXIT".

SOLUTION

    The best fix for this would be to let all these programs use their
    own tmp-dir, because they're going to be run as root anyway.
    Because the 'make config' script used an unsafe temporary file,
    2.0.34 changed this practice, and it now uses a file in its
    working directory.
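
    The fix described above, shown beside the unsafe pattern, as an
    added example that is not taken from the Slackware setup script.
    Function names, the sandbox layout and the file contents are
    constructed, and a scratch directory stands in for /tmp.

```shell
#!/bin/sh
# Added example (not from the Slackware setup script). Function names and the
# sandbox layout are hypothetical; all file contents are constructed.

# Pattern from the advisory: fixed name in a shared directory. The redirect
# follows a symlink already sitting at that name.
write_unsafe() {
    echo "EXIT" > "$1/hdtest"          # $1 stands in for /tmp
}

# Fix from the advisory: give the program its own directory. mktemp -d
# creates it atomically with mode 0700 and fails if the name already exists,
# so nothing planted beforehand can sit inside it.
write_safe() (
    umask 077
    workdir=$(mktemp -d "$1/setup.XXXXXX") || exit 1
    echo "EXIT" > "$workdir/hdtest" || exit 1
    echo "$workdir"                    # caller removes it when done
)

# Runs one pattern against a sandbox where "hdtest" is already a symlink to
# a stand-in for a root-owned file, then prints that file's contents.
demo() {
    sandbox=$(mktemp -d "${TMPDIR:-/tmp}/hdtest-demo.XXXXXX") || return 1
    mkdir "$sandbox/shared" || return 1
    echo "constructed-victim-data" > "$sandbox/victim"
    ln -s "$sandbox/victim" "$sandbox/shared/hdtest"
    case "$1" in
        unsafe) write_unsafe "$sandbox/shared" ;;
        safe)   write_safe "$sandbox/shared" > /dev/null ;;
        *)      rm -rf "$sandbox"; return 2 ;;
    esac
    cat "$sandbox/victim"
    rm -rf "$sandbox"
}

echo "predictable name: target now holds '$(demo unsafe)'"
echo "private dir:      target now holds '$(demo safe)'"
```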