FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Inappropriate directory permissions in freebsd-update(8)

Affected packages
6.3 < FreeBSD < 6.3_14
6.4 < FreeBSD < 6.4_8
7.1 < FreeBSD < 7.1_9
7.2 < FreeBSD < 7.2_5
8.0 < FreeBSD < 8.0_1

Details

VuXML ID 6e87b696-ca3e-11df-aade-0050568f000c
Discovery 2009-12-03
Entry 2010-10-24

Problem Description:

When downloading updates to FreeBSD via 'freebsd-update fetch' or 'freebsd-update upgrade', the freebsd-update(8) utility copies currently installed files into its working directory (/var/db/freebsd-update by default) both for the purpose of merging changes to configuration files and in order to be able to roll back installed updates.

The default working directory used by freebsd-update(8) is normally created during the installation of FreeBSD with permissions which allow all local users to see its contents, and freebsd-update(8) does not take any steps to restrict access to files stored in said directory.

References

FreeBSD Advisory SA-09:17.freebsd-update