New fileutils packages for Red Hat Linux 6.2, 7.0, 7.1, 7.2 and 7.3 fix a race condition in recursive remove and move commands. [Updated 16 April 2003] Added packages for Red Hat Linux on IBM iSeries and pSeries systems.
The fileutils package includes a number of GNU versions of common and popular file management utilities. A race condition in the recursive use of 'rm' and 'mv' in fileutils 4.1 and earlier could allow local users to delete files and directories (as the user running fileutils) if the user has write access to part of the tree being moved or deleted. Red Hat Linux versions 6.2, 7, 7.1, 7.2, and 7.3 shipped with versions of fileutils that are vulnerable to this issue. This erratum provides new fileutils packages that contain a patch correcting this issue.