~/.pam_environment gets created as owned by root
Bug #1974250 reported by
Gunnar Hjalmarsson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
accountsservice (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned | ||
Kinetic |
Fix Released
|
High
|
Unassigned |
Bug Description
Something has happened lately with accountsservice, which makes it act as root instead of the current user when creating ~/.pam_environment. The very old bug #904395 comes to mind, and this smells a security issue.
The function which is supposed to prevent this behavior is here:
Haven't investigated further yet.
CVE References
information type: | Private Security → Public Security |
Changed in accountsservice (Ubuntu Jammy): | |
status: | New → Fix Released |
Changed in accountsservice (Ubuntu Kinetic): | |
status: | Fix Released → Confirmed |
tags: | added: patch |
Changed in accountsservice (Ubuntu Kinetic): | |
status: | Confirmed → Fix Committed |
To post a comment you must log in.
I can confirm this is happening on jammy, but not on impish.