Thumbnailer

thumbnailer should honor TMPDIR to work with apparmor policy

Bug #1296987 reported by Bill Filler
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Thumbnailer
Fix Released
High
Jussi Pakkanen
thumbnailer (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

in tracking down gallery-app bug https://bugs.launchpad.net/ubuntu/+source/gallery-app/+bug/1296634, we discovered thumbnailer is not honoring the TMPDIR apparmour policy.

Getting this DENIAL in /var/log/syslog if you have a video file in ~/Videos and you launch gallery-app:

Mar 24 18:27:54 ubuntu-phablet kernel: [ 3401.330077] type=1400 audit(1395700074.636:164): apparmor="DENIED" operation="mknod" parent=7101 profile="com.ubuntu.gallery_gallery_2.9.1.931" name="/tmp/filePdq5SX" pid=7102 comm="vs-thumb" requested_mask="c" denied_mask="c" fsuid=32011 ouid=32011

Related branches

lp:~jpakkane/thumbnailer/confinementfix
Jamie Strandboge: Approve
PS Jenkins bot (community): Approve (continuous-integration)
Diff: 46 lines (+17/-3)
1 file modified
src/thumbnailer.cpp (+17/-3)
lp:ubuntu/trusty-proposed/thumbnailer
Bill Filler (bfiller)
tags: added: application-confinement
Changed in thumbnailer:
assignee: nobody → Jussi Pakkanen (jpakkane)
importance: Undecided → High
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Note, TMPDIR is set to an app-specific directory for apps running under confinement as per https://wiki.ubuntu.com/SecurityTeam/Specifications/ApplicationConfinement

summary: - thumbnailer should honor TMPDIR apparmour policy
+ thumbnailer should honor TMPDIR to work with apparmor policy
Revision history for this message
Jussi Pakkanen (jpakkane) wrote :

Thumbnailer is using the tmpnam libc function to generate its temporary file names. If that is not generating valid files then

a) should this be fixed in the platform and
b) if not, what is the correct way to generate a temporary file name that can be used across the process boundary?

Jussi Pakkanen (jpakkane)
Changed in thumbnailer:
status: New → In Progress
Revision history for this message
Colin Watson (cjwatson) wrote :

The fix probably isn't any worse, but why not pay attention to the tmpnam manual page ("Never use this function") and use mkstemp or tmpfile instead of rolling your own temporary file creation function?

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thumbnailer - 1.0+14.04.20140327-0ubuntu1

---------------
thumbnailer (1.0+14.04.20140327-0ubuntu1) trusty; urgency=low

  [ Jussi Pakkanen ]
  * Obey the TMPDIR. (LP: #1296987)
 -- Ubuntu daily release <email address hidden> Thu, 27 Mar 2014 08:36:59 +0000

Changed in thumbnailer (Ubuntu):
status: New → Fix Released
Revision history for this message
Jussi Pakkanen (jpakkane) wrote :

Tmpfile does not work because I need a visible file name to pass to a helper executable. Mkstemp could work, but I had some uncertainty about it, though I don't remember what the exact issue was. Anyway I put the creation in a separate function just for this reason: that makes it easy to see and easy to change.

Jussi Pakkanen (jpakkane)
Changed in thumbnailer:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.