Date:         Wed, 30 Aug 2000 19:00:53 -0400
From: Peter W <peterw@USA.NET>
Subject:      Re: Helix Code Security Advisory - go-gnome pre-installer
To: BUGTRAQ@SECURITYFOCUS.COM

At 6:08pm Aug 29, 2000, Helix Code, Inc. wrote:

> The go-gnome pre-installer has been updated on the main Helix Code mirror and
> go-gnome.com. This new version fixes this vulnerability by storing files in
> /var/cache/helix-install, which is writable only by root.

	mkdir -p -m 644 $cachedir
This works since the script runs as root, but didn't you mean 0755? [0]

> Copyright (c) 2000 Helix Code, Inc.

Thanks for addressing the issue of why the lynx hack is a bad idea. And
why you don't sign packages.

Next up, instructions for configuring Squid and Apache proxy servers to
compromise any workstation that tries to get the lynx hack script... any
takers? Bonus points for configs that only affect requests where the
User-Agent begins with "Lynx". Extra credit for ipchains and ipfilter
rules to redirect requests for spidermonkey.helixcode.com to such a proxy
for victims behind NAT firewalls who think they're not using Web proxies.

Tip of the hat to Neil W. Van Dyke, who opened a grave bug on the lynx
hack back in July: http://bugs.helixcode.com/db/14/1472.html

-Peter

[0] BTW, also note that this script can only be run once on non-Debian
    boxes, since it bails if $cachedir exists.
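
The two points raised above about the `mkdir` line (the directory mode, and the script bailing when `$cachedir` already exists) can be handled together. This is an added example, not part of the original message or of Helix Code's script; `ensure_cache_dir` is a hypothetical helper, and "owned by the invoking user" stands in for "owned by root" when the installer runs as root.

```shell
#!/bin/sh
# Added illustration; ensure_cache_dir is a hypothetical helper, not taken
# from the go-gnome script.
#
# A directory needs the x (search) bit to be entered, so 0644 only "works"
# because root bypasses permission checks. 0755 is writable by the owner
# only, and readable and searchable by everyone else.

ensure_cache_dir() {
    dir=$1

    # Plain mkdir (no -p) fails if the name already exists, so success
    # here means this call created the directory with exactly this mode.
    if mkdir -m 0755 "$dir" 2>/dev/null; then
        return 0
    fi

    # Something is already there: reuse it only if it is safe, instead of
    # bailing out on every run after the first.
    if [ -L "$dir" ]; then
        echo "refusing $dir: is a symlink" >&2; return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "refusing $dir: not a directory" >&2; return 1
    fi
    if [ ! -O "$dir" ]; then
        echo "refusing $dir: not owned by the invoking user" >&2; return 1
    fi
    # find prints the path only if group or other has write permission.
    if [ -n "$(find "$dir" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "refusing $dir: writable by group or other" >&2; return 1
    fi
    return 0
}
```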