malformed gconftool-2 command spawns countless windows
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gconf-editor (Ubuntu) |
Expired
|
Low
|
Unassigned |
Bug Description
Binary package hint: gconf-editor
Ubuntu 10.10
gconf-editor: 2.32.0-0ubuntu1
i was in a terminal trying to figure out how to properly use gconftool-2 to hide the desktop's trash icon, when i accidentally stumbled on a potential security risk.
gconftool-2 --set /apps/nautilus/
running the above command will spawn "Starting File Manager..." windows indefinitely. the panel will be flooded with windows, the CPU will spike 100%, and rebooting/logging out has no effect; the windows will continue to spawn @ login time, even if in failsafe mode!
only after i was able to open gconf-editor, navigate to /apps/nautilus/
this is similar in behavior to malware on an unnamed operating system! think, if someone with malicious intent were to instruct a noob (such as myself) to run it, it could cause hardware damage from high CPU usage.
i hope this bug report has been thorough, and not overly dramatic :-) i will supply more info upon request.
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.