Insecure temporary file creation in fsm_draw.py
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Ubuntu One Client | Fix Released | Medium | dobey | |
| ubuntuone-client (Ubuntu) | Fix Released | Medium | Unassigned | |
Bug Description
Binary package hint: python-
ubuntuone-
Test case:

```
emanuel@
emanuel@
Parsing file... (Mon Jun 6 15:32:14 2011)
Building graph... (Mon Jun 6 15:32:16 2011)
Drawing... (Mon Jun 6 15:32:16 2011)
emanuel@
-rw-r--r-- 1 emanuel emanuel 13587 2011-06-06 15:32 /tmp/graph.debug
```
The bug can be found at:

```python
dotcode = graph_base % "\n".join(
if debug:
    a = open("/
    a.close()
```

Fix: use mkstemp-like functionality.
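What the suggested mkstemp-based fix looks like in practice, as an added example that is not the ubuntuone-client code: the debug dump is written through the descriptor `tempfile.mkstemp` returns, and a second helper reports what was actually created on disk. The function names, the `graph-*.debug` naming and the sample dot source are assumptions.

```python
import os
import stat
import tempfile

# Constructed sample Graphviz source standing in for the fsm graph output.
SAMPLE_DOTCODE = "digraph fsm {\n  start -> running;\n  running -> done;\n}\n"


def write_debug_dotcode(dotcode, debug=True, directory=None):
    """Dump `dotcode` to a fresh temporary file and return its path
    (None when debug is off).

    tempfile.mkstemp opens the file with O_CREAT|O_EXCL and mode 0600, so
    the write can never land in a file or symlink that already exists at a
    predictable name such as /tmp/graph.debug. The descriptor it returns is
    reused directly: reopening the path by name would reintroduce the race.
    """
    if not debug:
        return None
    fd, path = tempfile.mkstemp(prefix="graph-", suffix=".debug", dir=directory)
    with os.fdopen(fd, "w") as handle:
        handle.write(dotcode)
    return path


def inspect_debug_file(path, remove=True):
    """Report what was created: whether it is a regular file (lstat, so a
    symlink would not pass), its permission bits and its content. Removes
    the file afterwards by default so the dump does not linger in /tmp."""
    st = os.lstat(path)
    with open(path) as handle:
        content = handle.read()
    if remove:
        os.unlink(path)
    return {
        "regular_file": stat.S_ISREG(st.st_mode),
        "mode": stat.S_IMODE(st.st_mode),
        "content": content,
    }


if __name__ == "__main__":
    p = write_debug_dotcode(SAMPLE_DOTCODE)
    print(p, inspect_debug_file(p))
```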
Related branches
- Natalia Bidart (community): Approve
Diff: 20 lines (+3/-1), 1 file modified: ubuntuone/syncdaemon/fsm/fsm_draw.py (+3/-1)
security vulnerability: no → yes

Changed in ubuntuone-client:
    assignee: nobody → Rodney Dawes (dobey)
    importance: Undecided → Medium
    status: New → In Progress

Changed in ubuntuone-client:
    status: In Progress → Fix Committed

Changed in ubuntuone-client:
    milestone: none → 1.7.1

Changed in ubuntuone-client (Ubuntu):
    importance: Undecided → Medium
    milestone: none → oneiric-alpha-3
    status: New → In Progress

Changed in ubuntuone-client (Ubuntu):
    milestone: oneiric-alpha-3 → ubuntu-11.10-beta-1

Changed in ubuntuone-client:
    status: Fix Committed → Fix Released

Changed in ubuntuone-client (Ubuntu):
    status: In Progress → Fix Released
While good to fix this, I should point out that Maverick and later are not vulnerable to symlink attacks in /tmp.