ubuntu-download-manager

Must write downloads of confined apps securely

Bug #1233149 reported by Loïc Minier
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-download-manager
Fix Released
Critical
Manuel de la Peña
ubuntu-download-manager 0.9
ubuntu-download-manager (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

hi,

currently download manager makes sure that files are written under an app specific directory, but it takes little care to protect from symlinks pointing out of the directory, but it does run unconfined.

The per-app downloads directory and the downloads should be created securely before we expose this to apps.

Also

Cheers,

Related branches

lp:~mandel/ubuntu-download-manager/all-downloads-client
dobey (community): Approve
Alejandro J. Cura (community): Approve
PS Jenkins bot: Needs Fixing (continuous-integration)
Mike McCracken: Pending requested
Diff: 1359 lines (+708/-161)
30 files modified
debian/control (+3/-3)
debian/libubuntu-download-manager-client-dev.install (+1/-1)
debian/libubuntu-download-manager-common-dev.install (+1/-1)
debian/libubuntu-upload-manager-common-dev.install (+1/-1)
debian/libudm-common-dev.install (+1/-1)
debian/ubuntu-download-manager.install (+1/-1)
debian/ubuntu-upload-manager.install (+1/-1)
src/common/priv/udm-priv-common.pro.THIS (+0/-67)
src/common/public/CMakeLists.txt (+1/-1)
src/downloads/client/CMakeLists.txt (+4/-1)
src/downloads/client/ubuntu/download_manager/download_impl.cpp (+4/-4)
src/downloads/client/ubuntu/download_manager/download_impl.h (+4/-2)
src/downloads/client/ubuntu/download_manager/download_pendingcall_watcher.cpp (+4/-4)
src/downloads/client/ubuntu/download_manager/download_pendingcall_watcher.h (+2/-2)
src/downloads/client/ubuntu/download_manager/downloads_list.h (+50/-0)
src/downloads/client/ubuntu/download_manager/downloads_list_impl.cpp (+64/-0)
src/downloads/client/ubuntu/download_manager/downloads_list_impl.h (+53/-0)
src/downloads/client/ubuntu/download_manager/error.h (+5/-3)
src/downloads/client/ubuntu/download_manager/group_download.h (+1/-1)
src/downloads/client/ubuntu/download_manager/manager.h (+67/-2)
src/downloads/client/ubuntu/download_manager/manager_impl.cpp (+44/-22)
src/downloads/client/ubuntu/download_manager/manager_impl.h (+11/-2)
src/downloads/client/ubuntu/download_manager/manager_pendingcall_watcher.cpp (+111/-20)
src/downloads/client/ubuntu/download_manager/manager_pendingcall_watcher.h (+60/-17)
src/downloads/common/CMakeLists.txt (+1/-1)
src/downloads/daemon/CMakeLists.txt (+1/-1)
src/uploads/common/CMakeLists.txt (+1/-1)
src/uploads/daemon/CMakeLists.txt (+1/-1)
tests/test_client_manager.cpp (+202/-0)
tests/test_client_manager.h (+8/-0)
lp:ubuntu/utopic-proposed/ubuntu-download-manager
Loïc Minier (lool)
information type: Private Security → Public
Manuel de la Peña (mandel)
Changed in ubuntu-download-manager:
status: New → Confirmed
importance: Undecided → Critical
assignee: nobody → Manuel de la Peña (mandel)
Manuel de la Peña (mandel)
Changed in ubuntu-download-manager:
milestone: none → 0.4
Manuel de la Peña (mandel)
Changed in ubuntu-download-manager:
status: Confirmed → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-download-manager - 0.3+14.10.20140430-0ubuntu1

---------------
ubuntu-download-manager (0.3+14.10.20140430-0ubuntu1) utopic; urgency=low

  [ Manuel de la Peña ]
  * Add upload definitions and autogenerated adaptors.
  * Reorg the code so that it is simpler to share code between the
    uploader and the downloader. Cmake has been added as the new build
    system.
  * Generalize the daemon so that it can be used for the uploader too.
  * Split the different tests now that we are going to support uploads.
  * Split the daemon test code.
  * Refactor q code so that it can be used by uploads and downloads.
  * Remove the use of fakes in favour of google mock. libgoogle-glog-dev
    was added as a dependency. (LP: #1300243)
  * Refactor downloads so that they inherit from transfer and can be
    used in the new q implementation.
  * Provide the factories needed by the uploads.
  * Provide the class that will be performing uploads.
  * Provide the class that will perform mms uploads.
  * Provide factory implementation.
  * Add uploads manager implementation. (LP: #1300178)
  * Organize project simpler so that new developers find it easier to
    move arround the code. (LP: #1300184)
  * Allow the clients to change the destination directory of the
    download. (LP: #1271507)
  * Provide the methods that allow to get all the downloads and all the
    downloads with a given metadata value. (LP: #1233149)

  [ CI bot ]
  * Provide factory implementation.
  * Add uploads manager implementation. (LP: #1300178)
 -- Ubuntu daily release <email address hidden> Wed, 30 Apr 2014 00:10:00 +0000

Changed in ubuntu-download-manager (Ubuntu):
status: New → Fix Released
Manuel de la Peña (mandel)
Changed in ubuntu-download-manager:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.