Ubuntu
blender package

  1. Bug #6671
  2. Comment #5

Comment 5 for bug 6671

Revision history for this message
Anton Gyllenberg (antong) wrote : insecure file access

Version: 2.37a-1ubuntu1.1

Blender writes to files in /tmp/ in an insecure fashion. For example, launching blender and then pressing 'a' (for animation?) writes to the file /tmp/0000.jpg.

This can be exploited by a malicious user to overwrite arbitrary files of another user using blender:

mallory@myhost$ ln -s /home/bob/thesis.tex /tmp/0000.jpg