apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_Xorg.0.crash'
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
apport (Ubuntu) | Triaged | Medium | Unassigned | |
Bug Description
apport did not have the permissions to read the crash report in /var/crash, since I ran it as an unprivileged user.
I think apport could handle this more gracefully :)
ProblemType: Crash
DistroRelease: Ubuntu 15.10
Package: apport-retrace 2.19-0ubuntu1
ProcVersionSign
Uname: Linux 4.2.0-11-generic x86_64
ApportLog: Error: [Errno 13] Keine Berechtigung: '/var/log/
ApportVersion: 2.19-0ubuntu1
Architecture: amd64
CurrentDesktop: GNOME
Date: Mon Sep 28 19:22:10 2015
ExecutablePath: /usr/bin/
InstallationDate: Installed on 2013-01-08 (993 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
InterpreterPath: /usr/bin/python2.7
JournalErrors:
No journal files were found.
-- No entries --
PackageArchitec
ProcCmdline: /usr/bin/python /usr/bin/
PythonArgs: ['/usr/
SourcePackage: apport
Title: apport-retrace crashed with IOError in __main__: [Errno 13] Permission denied: '_usr_bin_
Traceback:
Traceback (most recent call last):
File "/usr/bin/
out = open(options.
IOError: [Errno 13] Permission denied: '_usr_bin_
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: audio bluetooth colord disk fuse games libvirtd operator pulse sudo syslog users vboxusers video whoopsie wireshark
Related branches
- Martin Pitt (community): Needs Fixing
- Diff: 17 lines (+6/-1), 1 file modified: bin/apport-retrace (+6/-1)
CVE References
tags: | removed: need-duplicate-check |
Changed in apport (Ubuntu): | |
importance: | Undecided → Medium |
tags: |
added: rls-x-incoming removed: rls-w-incoming |
Changed in apport (Ubuntu): | |
status: | Triaged → In Progress |
assignee: | nobody → Brian Murray (brian-murray) |
Changed in apport (Ubuntu): | |
assignee: | Brian Murray (brian-murray) → nobody |
status: | In Progress → Triaged |
tags: | removed: rls-x-incoming |
This is also fallout of the following change:
- SECURITY FIX: Fix all writers of report files (package_hook, crashdump, and similar) to open the report file exclusively,
kernel_
i. e. fail if they already exist. This prevents privilege escalation
through symlink attacks. Note that this will also prevent overwriting
previous reports with the same same. Thanks to halfdog for discovering
this! (CVE-2015-1338, LP: #1492570)
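The exclusive-open behaviour the changelog describes, together with the graceful error handling the report asks for, as an added Python 3 example (not apport's own code). The function names, file names and the 0o640 mode are hypothetical, and a temporary directory stands in for /var/crash:

```python
import errno
import os
import tempfile


def open_report_exclusive(path, mode=0o640):
    """Create `path` for writing; fail if any file or symlink already has that name."""
    # O_CREAT | O_EXCL: open() returns EEXIST if the name exists and never
    # follows a symlink in the final path component. The mode is an assumption.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    return os.fdopen(fd, "wb")


def write_report(path, data):
    """Return None on success, or a one-line message instead of a traceback."""
    try:
        with open_report_exclusive(path) as f:
            f.write(data)
    except OSError as e:
        if e.errno == errno.EEXIST:
            return "refusing to overwrite existing report: " + path
        if e.errno in (errno.EACCES, errno.EPERM):
            return "permission denied writing report: " + path
        raise
    return None


def demo():
    """Run the writer against a constructed directory standing in for /var/crash."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        report = os.path.join(d, "_usr_bin_example.0.crash")  # constructed name
        other = os.path.join(d, "other-file")
        with open(other, "wb") as f:
            f.write(b"original")
        os.symlink(other, report)  # a symlink already sits at the report name
        out["symlink"] = write_report(report, b"report-1")
        with open(other, "rb") as f:
            out["other_intact"] = f.read() == b"original"
        os.unlink(report)
        out["fresh"] = write_report(report, b"report-1")
        out["again"] = write_report(report, b"report-2")
        with open(report, "rb") as f:
            out["content"] = f.read()
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The second write to the same name is refused as well, which is the "will also prevent overwriting previous reports" side effect noted in the changelog.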