man --html=firefox
Man is owned and grouped root on my system, when you open a man page with the --html option you are root in the web browser.
You can then browse to any page and save a file it will be owned root and even create new directories with Firefox all owned as root.
I hope this isn't as big of a security hole as it seems to be.
As a remedy on my system I have changed the ownership of /usr/bin/man to a less privileged user and the man command still functions as expected.
No comments:
Post a Comment