apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'

Bug #1500541 reported by Christian Kirbach on 2015-09-28
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
Brian Murray

Bug Description

apport did not have the permissions to read the crash report in /var/crash, since I ran it as unpriviledged user.

I think apport could handle this more gracefully :)

ProblemType: Crash
DistroRelease: Ubuntu 15.10
Package: apport-retrace 2.19-0ubuntu1
ProcVersionSignature: Ubuntu 4.2.0-11.13-generic 4.2.1
Uname: Linux 4.2.0-11-generic x86_64
ApportLog: Error: [Errno 13] Keine Berechtigung: '/var/log/apport.log'
ApportVersion: 2.19-0ubuntu1
Architecture: amd64
CurrentDesktop: GNOME
Date: Mon Sep 28 19:22:10 2015
ExecutablePath: /usr/bin/apport-retrace
InstallationDate: Installed on 2013-01-08 (993 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
InterpreterPath: /usr/bin/python2.7
 No journal files were found.
 -- No entries --
PackageArchitecture: all
ProcCmdline: /usr/bin/python /usr/bin/apport-retrace _usr_bin_Xorg.0.crash
PythonArgs: ['/usr/bin/apport-retrace', '_usr_bin_Xorg.0.crash']
SourcePackage: apport
Title: apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'
 Traceback (most recent call last):
   File "/usr/bin/apport-retrace", line 405, in <module>
     out = open(, 'wb')
 IOError: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: audio bluetooth colord disk fuse games libvirtd operator pulse sudo syslog users vboxusers video whoopsie wireshark

Related branches

CVE References

tags: removed: need-duplicate-check
Changed in apport (Ubuntu):
importance: Undecided → Medium
Brian Murray (brian-murray) wrote :

This is also fall out of the following change:

    - SECURITY FIX: Fix all writers of report files (package_hook,
      kernel_crashdump, and similar) to open the report file exclusively,
      i. e. fail if they already exist. This prevents privilege escalation
      through symlink attacks. Note that this will also prevent overwriting
      previous reports with the same same. Thanks to halfdog for discovering
      this! (CVE-2015-1338, LP: #1492570)

Changed in apport (Ubuntu):
status: New → Triaged
information type: Private → Public
tags: added: rls-w-incoming
tags: added: rls-x-incoming
removed: rls-w-incoming
Changed in apport (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Brian Murray (brian-murray)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers