LD_LIBRARY_PATH in /usr/bin/exaile potential security issue
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Exaile | Invalid | High | Johannes Sasongko | |
| exaile (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
Binary package hint: exaile
/usr/bin/exaile contains the following:
$> cat /usr/bin/exaile
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_
export MOZILLA_FIVE_HOME=
exec python /usr/lib/
This is a potential problem because of this: http://
It should be defined as this post suggests (http://):
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_
export MOZILLA_FIVE_HOME=
exec python /usr/lib/
In other words, if LD_LIBRARY_PATH is not set (or set but empty), LD_LIBRARY_PATH should only be "/usr/lib/firefox". Without this fix, it would be defined as: ":/usr/
Other References:
CVE-2005-4790
CVE-2005-4791
Changed in exaile: status: New → Fix Released
Sorry, this is the correct code:
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH+$LD_LIBRARY_PATH:}/usr/lib/firefox
export MOZILLA_FIVE_HOME=
exec python /usr/lib/exaile/exaile.py "$@"
Should've tested more:
$> export FOO=THIS
$> echo ${FOO:+$FOO:}BAR
THIS:BAR
$> export FOO=
$> echo ${FOO:+$FOO:}BAR
BAR
$> unset FOO
$> echo ${FOO:+$FOO:}BAR
BAR
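The point of the whole thread, as an added example that is not part of the bug report or of the exaile package: a POSIX sh script that builds an LD_LIBRARY_PATH value the way the original wrapper did (unconditional "$LD_LIBRARY_PATH:" prefix) and the way the follow-up comments propose ("${VAR:+$VAR:}"), plus a check that flags empty components in a colon-separated path. An empty component (leading or trailing colon, or "::") makes the dynamic loader search the current working directory, which is why ":/usr/lib/firefox" is a problem and a bare "/usr/lib/firefox" is not. The function names and the /opt/lib sample value are assumptions for illustration; /usr/lib/firefox stands in for the directory the wrapper appends.

```shell
#!/bin/sh
# Added example, not code from the bug report or the exaile package.
# Compares the original wrapper's LD_LIBRARY_PATH construction with the
# ${VAR:+...} form, and checks a path value for empty components.

# Original construction: always prepend "$cur:". When $cur is unset or
# empty this yields a leading ':', i.e. an empty component, which ld.so
# treats as the current directory (the issue behind CVE-2005-4790/4791).
#   $1: current LD_LIBRARY_PATH value ("" when unset)   $2: dir to append
naive_ld_path() {
    printf '%s\n' "$1:$2"
}

# Fixed construction: "${cur:+$cur:}" expands to "$cur:" only when $cur is
# set AND non-empty, so an unset or empty value gives just "$2".
# (Plain "${cur+...}" would still expand for an empty-but-set value.)
fixed_ld_path() {
    _cur=$1
    printf '%s\n' "${_cur:+$_cur:}$2"
}

# Returns 0 (true) when a colon-separated path value contains an empty
# component: leading ':', trailing ':', '::' in the middle, or the whole
# value empty. Useful as a sanity check in wrapper scripts.
has_empty_component() {
    case "$1" in
        ""|:*|*:|*::*) return 0 ;;
        *)             return 1 ;;
    esac
}

# Usage: run the three cases from the thread (unset, empty, set) against
# an assumed library directory and show both constructions side by side.
demo() {
    dir=/usr/lib/firefox
    for v in unset "" /opt/lib; do
        if [ "$v" = unset ]; then cur=""; else cur=$v; fi
        n=$(naive_ld_path "$cur" "$dir")
        f=$(fixed_ld_path "$cur" "$dir")
        if has_empty_component "$n"; then flag="(empty component)"; else flag=""; fi
        printf 'input=%-8s naive=%-26s %s fixed=%s\n' "[$v]" "$n" "$flag" "$f"
    done
}

demo
```

The ":+" operator is what the last comment's FOO tests exercise: it differs from "+" in that "set but empty" counts as absent, which is exactly the case the bug description singles out ("not set, or set but empty"). The has_empty_component check is cheap enough to run in any wrapper that exports LD_LIBRARY_PATH from an inherited value.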