AIX dead.letter Insecure Temporary File Creation Vulnerability

AIX dead.letter Insecure Temporary File Creation Vulnerability

Under certain versions of AIX, the printq program leaves insecure temporary files in users home directories. This file, dead.letter is left with group 'printq' permissions and is left in the users home directory. The use may then use a symlink attack to overwirte and file in the 'printq' group.