xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.Referenceshttp://secunia.com/advisories/25761http://www.securityfocus.com/bid/23922http://osvdb.org/36716http://secunia.com/advisories/26867http://www.ubuntu.com/usn/usn-516-1http://secunia.com/advisories/25425http://www.novell.com/linux/security/advisories/2007_10_sr.htmlhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894http://secunia.com/advisories/25220http://www.mandriva.com/security/advisories?name=MDKSA-2007:134
