Ubuntu

Information about Ubuntu system automatically written to iPod

Bug #1583388 reported by Olathe
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu
Triaged
High
Unassigned
Xenial
Triaged
Undecided
Unassigned

Bug Description

On Xubuntu 16.04, I connected an iPod Nano 5th Generation (8 GB) to my computer. After working on the files on the iPod from within the terminal for a while, I found that the almost 21 MB file /media/username/DEVICENAME/iPod_Control/iTunes/iTunesControl contained sensitive information about my Ubuntu system, such as my username, commands that I had run recently, commands that I had run a long time ago, the full paths of some of those commands, environment variables, my UID, and text that appeared in my terminal window (such as the prompt, which included a path that I was on; it even included ANSI escape sequences for the prompt).

I've attached the output of `strings iTunesControl`, with my username, hostname, and the iPod device name changed.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: mount 2.27.1-6ubuntu3
ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
Uname: Linux 4.4.0-22-generic x86_64
ApportVersion: 2.20.1-0ubuntu2
Architecture: amd64
CurrentDesktop: XFCE
Date: Wed May 18 20:12:03 2016
EcryptfsInUse: Yes
InstallationDate: Installed on 2013-04-04 (1140 days ago)
InstallationMedia: Lubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.1)
SourcePackage: util-linux
UpgradeStatus: Upgraded to xenial on 2016-03-25 (54 days ago)

Revision history for this message
Olathe (erlercw+launchpad) wrote :
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Do you happen to know off-hand which program is responsible for the iPod_Control/iTunes/iTunesControl file?

Also, note that your logs indicate a great deal of kernel audit messages, perhaps there's something worth investigating in /var/log/audit/audit.log.

Thanks

Revision history for this message
Olathe (erlercw+launchpad) wrote :

If I understand the question correctly, there shouldn't be any programs responsible for it other than something like a driver for accessing Apple devices. I didn't start up any programs that deal specifically with Apple devices or music devices or any music playing programs.

Thunar (the Xubuntu file manager) opened a window when the iPod was automounted. I was dealing with files in the terminal using standard commands like ls and rm. I also used Ruby's irb and the Ruby fileutils package to move and delete files. I used id3ren to rename some MP3 files. I also used strings to try to locate some missing song titles.

Unfortunately, I get "cat: /var/log/audit/audit.log: No such file or directory".

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Would you mind if we made this bug public? Perhaps someone has seen this issue before.

Revision history for this message
Olathe (erlercw+launchpad) wrote :

I'm OK with making the bug public.

Marc Deslauriers (mdeslaur)
information type: Private Security → Public Security
Changed in util-linux (Ubuntu):
status: New → Triaged
Revision history for this message
Alberto Salvia Novella (es20490446e) wrote :

@ Mark Deslauriers

This bug needed to be nominated for a stable release upgrade before marking it as triaged.

Changed in util-linux (Ubuntu):
importance: Undecided → High
Revision history for this message
Martin Pitt (pitti) wrote :

I cannot find iPod_Control or iTunesControl in libimobiledevice or gvfs, so I'm not sure what component actually creates those. But it's certainly not util-linux, so removing package name for now.

affects: util-linux (Ubuntu) → ubuntu
Changed in ubuntu:
status: Triaged → New
Marc Deslauriers (mdeslaur)
Changed in ubuntu:
status: New → Triaged
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.