@Flavio,
"If I create an empty image and set my own location, which doesn't have the image id in it, I'll still be able to exploit this."
With Mike's patch, one won't be able to set any location that doesn't have the image id present in it. Well, unless it's HTTP.
If the public image has an HTTP location (and it is exposed), then this exploit is still possible I guess.
So, it looks like this patch essentially reduces the attack vector to a great extent.
Or did I get something wrong? :)