apt cron can corrupt /var/lib/apt/lists with captive portal garbage
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
On my wife's laptop running Trusty, patched to approximately a week ago, all of the
/var/lib/
an HTML file from OMNI Hotels (first few lines pasted below). We had looked at the
hotel network signup page using Firefox but decided against paying for the hotel net,
The ownership,group for the overwritten files was still root,root and writeable only by owner.
The overwriting of these files his broke updates. Moving these HTML files into
a "jail" directory and running "apt-get update; apt-get upgrade" seems to have
gotten updating working again.
I have not found any other overwritten files, or other damage, yet.
This seems to have been benign but annoying, but it's unsettling to see root files overwritten
by a hotel network login like this.
First few lines of the HTML file. the latter part has "terms and conditions, etc.":
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://
<HTML>
<HEAD>
<title>Omni Hotels</title>
<meta http-equiv=
<link rel="stylesheet" type="text/css" href="https:/
<link rel="stylesheet" type="text/css" href="https:/
<link rel="stylesheet" type="text/css" href="https:/
<script language=
<script language=
<script language=
<script language=
(I've saved the full content of these files for possible later analysis.)
information type: | Private Security → Public |
affects: | ubuntu → apt (Ubuntu) |
summary: |
- Root-owned files being overwritten with HTML by unknown program. + apt cron can corrupt /var/lib/apt/lists with captive portal garbage |
These kind of things *should not* happen anymore today. In ancient versions like the one in trusty, things are a bit more fragile, but there was a lot of reworking in the 1.1 series and newer.