Helix Code Security Advisory - Helix GNOME Installer
Aug 20, 2000, 19:33 (1 Talkback[s])
Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame
From firstname.lastname@example.org Sun Aug 20 03:05:30 2000
Date: Sun, 20 Aug 2000 02:51:44 -0400 (EDT)
From: "Helix Code, Inc." <email@example.com>
Subject: [Helix Updates] Helix Code Security Advisory - Helix GNOME Installer
HELIX CODE, INC. SECURITY ADVISORY
firstname.lastname@example.org Issue Date: 20 Aug 2000
Helix GNOME Installer, versions 0.1 through 0.5
Vulnerabilities in the Helix GNOME Installer allow non-root users to exploit
world-writable permissions on /tmp to damage a system's configuration files
or install arbitrarily modified RPM packages.
Temporary copies of the /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and
/etc/rc.d/rc.gui files on Caldera OpenLinux eDesktop 2.4 and /etc/rc.config
on SuSE 6.3 and 6.4 are stored in the /tmp directory, modified, and moved back
into their original locations. A mkdir of the right path by any user prior to
root running the Helix GNOME Installer can result in a system's configuration
files being lost.
Furthermore, a directory called /tmp/helix-install is used to download
packages to be installed. If that directory was created by a malicious non-root
user, arbitrarily placed packages could be installed onto the system.
A new version of the Helix GNOME Installer (0.6) has been released. This new
version fixes both vulnerabilities. The first is solved by making backups of
the system files in the same directory from which they came, and doing the
operation on these files in-place. The second is solved by moving the default
download directory to /var/cache/helix-install, which is writable only by
New versions of the Helix GNOME Installer are available immediately from
Helix Code, Inc.
A list of supported systems can be found at
For supported i386 systems:
For supported PPC systems:
For supported UltraSparc Solaris systems:
Copyright © 2000 Helix Code, Inc.
updates maillist - email@example.com