Shell Command Injection when changing emblem with nemo
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Linux Mint |
Fix Committed
|
Undecided
|
Unassigned | ||
Bug Description
Security Problem in LinuxMint with Cinnamon Desktop and the nemo filemanager Version 2.6.7
The Line 132 in the python script "nemo-emblems.py" is vulnerable for Code Injection :
os.system("touch \"%s\"" % self.filename) # touch the file (to force Nemo to re-render its icon)
Exploit Demo :
-------
1) start the nemo file manager
2) rename a folder with nemo to this folder name
";killall nemo;#
3) Now change the EMBLEM icon of the folder with nemo
(rigthclick on the folder , choose a icon on the emblem tab)
4) nemo will be killed for a prove of concept.
This is only a simple Demo to do no harm to the user.
Each and every other command could be injected wich could do almost everything !
It's neraly the same issue as with he folder colors, i already reported on github
https:/
So, do not use os.system() in any python script anymore, use subprocess please
| information type: | Private Security → Public Security |
| Michael Webster (miketwebster) wrote | #1 |
| Changed in linuxmint: | |
| status: | New → Fix Committed |
https:/