weak file permission with default config/installation

Thanks for the report, I can confirm:

$ ls -lad / /var /var/lib /var/lib/automysqlbackup
drwxr-xr-x 24 root root 4096 Oct 29 18:23 /
drwxr-xr-x 13 root root 4096 Oct 29 18:24 /var
drwxr-xr-x 59 root root 4096 Nov 14 15:23 /var/lib
drwxr-xr-x 2 root root 4096 Feb 15 2012 /var/lib/automysqlbackup

automysqlbackup is in universe, thus it is community-supported. If you
are able, I suggest coordinating with upstream and posting a debdiff for
this issue. When a debdiff is available, members of the security team
will review it and publish the package. See the following link for more
information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Thanks

I've reported the bug with Debian, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729619

While the actual backup files do get chmoded to 700, there is a race there. Best is to restrict permissions on the directory.

Hi,
No, there's no race condition for backuped files, it's not chmod that is in use. I would consider this bug as very low priority, since it only allows someone with a shell access to list the databases at most.

Also, please note that there's no "upstream" but the Debian package maintainer (eg: me) since the Debian package has diverged from upstream and could be considered a fork.

I would be happy to accept any patch to fix this problem (as I wont have much time to work on it myself).

Cheers,

Thomas

The code does this:

# Database dump function
dbdump () {
 touch $2
 chmod 600 $2
...
  mysqldump --defaults-file=/etc/mysql/debian.cnf $NEWOPT $1 > $2

That looks like a chmod to me.
Isn't it possible for someone to obtain a file handle on $2 between the touch and the chmod?