Insecure temporary file creation in fsm_draw.py
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu One Client |
Fix Released
|
Medium
|
dobey | ||
| ubuntuone-client (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
Binary package hint: python-
ubuntuone-
test case :
emanuel@
emanuel@
Parsing file... (Mon Jun 6 15:32:14 2011)
Building graph... (Mon Jun 6 15:32:16 2011)
Drawing... (Mon Jun 6 15:32:16 2011)
emanuel@
-rw-r--r-- 1 emanuel emanuel 13587 2011-06-06 15:32 /tmp/graph.debug
the bug can be found at :
dotcode = graph_base % "\n".join(
if debug:
a = open("/
a.close()
fix : use mkstemp alike functionality.
Related branches
- Natalia Bidart (community): Approve
-
Diff: 20 lines (+3/-1)1 file modifiedubuntuone/syncdaemon/fsm/fsm_draw.py (+3/-1)
| security vulnerability: | no → yes |
| Changed in ubuntuone-client: | |
| assignee: | nobody → Rodney Dawes (dobey) |
| importance: | Undecided → Medium |
| status: | New → In Progress |
| Changed in ubuntuone-client: | |
| status: | In Progress → Fix Committed |
| Changed in ubuntuone-client: | |
| milestone: | none → 1.7.1 |
| Changed in ubuntuone-client (Ubuntu): | |
| importance: | Undecided → Medium |
| milestone: | none → oneiric-alpha-3 |
| status: | New → In Progress |
| Kees Cook (kees) wrote | #1 |
| Changed in ubuntuone-client (Ubuntu): | |
| milestone: | oneiric-alpha-3 → ubuntu-11.10-beta-1 |
| Changed in ubuntuone-client: | |
| status: | Fix Committed → Fix Released |
| Changed in ubuntuone-client (Ubuntu): | |
| status: | In Progress → Fix Released |
While good to fix this, I should point out that Maverick and later are not vulnerable to symlink attacks in /tmp.