Comment 4 for bug 1933832

The conky apport script is not able to be expoited - whilst we can create a ~/.conkyrc specifying to load /etc/shadow say and then create a crash report to try and trigger this to occur:

echo "lua_load /etc/shadow" >> ~/.conkyrc

cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: conky 123
SourcePackage: conky
ProcStatus:
 Pid:1000
 Uid:1000
EOF

When say whoopsie-upload-all runs, it either runs as a standard user - who does not have permission to read /etc/shadow - or it could run as root if say triggered by the system administrator - however in this case, since the script has:

conkyrc_path = path.expanduser('~/.conkyrc')

it will try and load /root/.conkyrc not one from the unprivileged user - hence there doesn't appear to be any way to use this to escalate privileges.