insecure file creation in mintnanny

Bug #1008501 reported by Michael Scherer on 2012-06-04
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Linux Mint
Fix Released
Undecided
Unassigned

Bug Description

Mintnanny do not properly check if a file do not already exist in /tmp when using sed. This issue have been reported on security mailling list, but no one seemed to react, hence this bug report.

Look at https://github.com/linuxmint/mintnanny/blob/master/usr/lib/linuxmint/mintNanny/mintNanny.py#L70

While this is prevented on regular mint due to yama security module, this is still a problem on LMDE. Someone could use this to crash a LMDE system, provided he is able to connect to it as simple user and trick admin to run mintnanny ( IE, something that would be quite easy to trigger in a school and a public computer )

CVE assigned is CVE-2012-1566 since 2 months, and the project have been notified.

CVE References

visibility: private → public
chemicalfan (mike-lumsden) wrote :

Sorry, should read: Does this bug apply to the current LMDE release? If not, this bug should be closed.

Changed in linuxmint:
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers