DescriptionThe setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations.
Overall state of this security issue: Resolved
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
|National Vulnerability Database
SUSE Timeline for this CVECVE page created: Tue Jul 9 19:40:27 2013
CVE page last modified: Fri Oct 7 12:46:21 2022