2009-08-24 13:38:35 |
Martin Erik Werner |
bug |
|
|
added bug |
2009-08-24 13:38:51 |
Martin Erik Werner |
visibility |
private |
public |
|
2009-08-24 13:47:00 |
Martin Erik Werner |
attachment added |
|
Dependencies.txt http://launchpadlibrarian.net/30726086/Dependencies.txt |
|
2009-08-24 14:45:52 |
Martin Erik Werner |
summary |
Permissions on user home directory set to 777 after copying it via nautilus |
Permissions on user home directory (source) set to 777 after copying it via nautilus |
|
2009-08-24 15:02:21 |
Martin Erik Werner |
attachment added |
|
Dependencies.txt http://launchpadlibrarian.net/30728717/Dependencies.txt |
|
2009-08-24 15:06:35 |
Martin Erik Werner |
tags |
|
copy home nautilus permission |
|
2009-08-27 19:49:04 |
Pedro Villavicencio |
nautilus (Ubuntu): importance |
Undecided |
Medium |
|
2009-08-27 19:49:04 |
Pedro Villavicencio |
nautilus (Ubuntu): assignee |
|
Ubuntu Desktop Bugs (desktop-bugs) |
|
2009-08-28 03:47:45 |
Martin Erik Werner |
attachment added |
|
Dependencies.txt http://launchpadlibrarian.net/30921489/Dependencies.txt |
|
2009-08-28 03:47:46 |
Martin Erik Werner |
attachment added |
|
usr_lib_nautilus.txt http://launchpadlibrarian.net/30921490/usr_lib_nautilus.txt |
|
2009-08-28 03:47:48 |
Martin Erik Werner |
tags |
copy home nautilus permission |
apport-collected copy home nautilus permission |
|
2009-08-28 15:38:02 |
Jamie Strandboge |
nautilus (Ubuntu): status |
New |
Triaged |
|
2009-08-28 16:31:15 |
Pedro Villavicencio |
bug watch added |
|
http://bugzilla.gnome.org/show_bug.cgi?id=593406 |
|
2009-08-28 16:31:30 |
Pedro Villavicencio |
bug task added |
|
nautilus |
|
2009-08-28 17:00:49 |
Bug Watch Updater |
nautilus: status |
Unknown |
New |
|
2009-08-28 17:12:14 |
Martin Erik Werner |
description |
Binary package hint: nautilus
TEST CASE:
1. Launch nautilus
2. Copy user directory to other location (e.g. /tmp)
3. Skip "special files" which cannot be copied (nautilus pop-up dialogues)
4. Check permissions of user's folder
Result: user directory permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: user directory permissions should be unchanged (755, drwxr-xr-x user:user)
(To revert, simply use "chmod 755 ~")
Another side-effect of this is that on startup, gnome(?) gives an error about the .drmc file and permissions (although it does only complain at that file not being 644 [which it IS])
I'm flagging this as a security vulnerability since this allows unwanted write access to user's directory. |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink inside ~/ linking to either ~ or a directory within ~
1. Launch nautilus
2. Copy directory ~ to other location (e.g. /tmp)
4. Check permissions of the symlinked folder (the source, not the copy)
Result: source ~ or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: permissions should be unchanged (755, drwxr-xr-x user:user)
(To revert, simply use "chmod 755 foldername")
Another side-effect of this is that on startup, gnome(?) gives an error about the .drmc file and permissions (although it does only complain at that file not being 644 [which it IS])
I'm flagging this as a security vulnerability since this allows unwanted write access to user's directory. |
|
2009-08-28 17:15:24 |
Martin Erik Werner |
summary |
Permissions on user home directory (source) set to 777 after copying it via nautilus |
Permission of source folder in ~ set to 777 if symlinked and copied via nautilus |
|
2009-08-28 17:55:39 |
Martin Erik Werner |
summary |
Permission of source folder in ~ set to 777 if symlinked and copied via nautilus |
Permission of symlinked source file/folder set to 777 if symlink is copied via nautilus |
|
2009-08-28 18:03:52 |
Martin Erik Werner |
summary |
Permission of symlinked source file/folder set to 777 if symlink is copied via nautilus |
Subscribe someone else Search Search arand • Launchpad > Ubuntu > “nautilus” package Overview / Code / Bugs / Blueprints / Translations / Answers Bug #418135 reported by arand on 2009-08-24 (Activity log) Bug #418135: This report is public edit Security vulnerability Permissions of symlinked source file/folder set to 777 if symlink is copied via nautilus |
|
2009-08-28 18:03:52 |
Martin Erik Werner |
description |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink inside ~/ linking to either ~ or a directory within ~
1. Launch nautilus
2. Copy directory ~ to other location (e.g. /tmp)
4. Check permissions of the symlinked folder (the source, not the copy)
Result: source ~ or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: permissions should be unchanged (755, drwxr-xr-x user:user)
(To revert, simply use "chmod 755 foldername")
Another side-effect of this is that on startup, gnome(?) gives an error about the .drmc file and permissions (although it does only complain at that file not being 644 [which it IS])
I'm flagging this as a security vulnerability since this allows unwanted write access to user's directory. |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged
(To revert, simply use "chmod 755 foldername") |
|
2009-08-28 18:03:52 |
Martin Erik Werner |
tags |
apport-collected copy home nautilus permission |
apport-collected copy nautilus permission symlink |
|
2009-08-28 18:04:59 |
Martin Erik Werner |
summary |
Subscribe someone else Search Search arand • Launchpad > Ubuntu > “nautilus” package Overview / Code / Bugs / Blueprints / Translations / Answers Bug #418135 reported by arand on 2009-08-24 (Activity log) Bug #418135: This report is public edit Security vulnerability Permissions of symlinked source file/folder set to 777 if symlink is copied via nautilus |
Permissions of symlinked source file/folder set to 777 if symlink is copied via nautilus |
|
2009-08-28 18:04:59 |
Martin Erik Werner |
description |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged
(To revert, simply use "chmod 755 foldername") |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged |
|
2009-08-28 18:09:11 |
Martin Erik Werner |
description |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged
This does not allow setting permissions which your user could not do with chmod anyway, and hence is not a privilege escalation issue. |
|
2009-08-28 18:30:53 |
Kees Cook |
nautilus (Ubuntu): milestone |
|
karmic-alpha-6 |
|
2009-09-01 03:03:47 |
Kees Cook |
affects |
nautilus (Ubuntu) |
glib2.0 (Ubuntu) |
|
2009-09-01 03:03:47 |
Kees Cook |
glib2.0 (Ubuntu): status |
Triaged |
In Progress |
|
2009-09-01 03:10:08 |
Launchpad Janitor |
glib2.0 (Ubuntu): status |
In Progress |
Fix Released |
|
2009-09-01 05:27:11 |
Kees Cook |
nominated for series |
|
Ubuntu Hardy |
|
2009-09-01 05:27:11 |
Kees Cook |
bug task added |
|
glib2.0 (Ubuntu Hardy) |
|
2009-09-01 05:27:11 |
Kees Cook |
nominated for series |
|
Ubuntu Intrepid |
|
2009-09-01 05:27:11 |
Kees Cook |
bug task added |
|
glib2.0 (Ubuntu Intrepid) |
|
2009-09-01 05:27:11 |
Kees Cook |
nominated for series |
|
Ubuntu Karmic |
|
2009-09-01 05:27:11 |
Kees Cook |
bug task added |
|
glib2.0 (Ubuntu Karmic) |
|
2009-09-01 05:27:11 |
Kees Cook |
nominated for series |
|
Ubuntu Jaunty |
|
2009-09-01 05:27:11 |
Kees Cook |
bug task added |
|
glib2.0 (Ubuntu Jaunty) |
|
2009-09-01 05:27:28 |
Kees Cook |
glib2.0 (Ubuntu Intrepid): status |
New |
Confirmed |
|
2009-09-01 05:27:30 |
Kees Cook |
glib2.0 (Ubuntu Hardy): status |
New |
Confirmed |
|
2009-09-01 05:27:36 |
Kees Cook |
glib2.0 (Ubuntu Jaunty): status |
New |
Confirmed |
|
2009-09-01 05:28:00 |
Kees Cook |
glib2.0 (Ubuntu Karmic): assignee |
Ubuntu Desktop Bugs (desktop-bugs) |
Kees Cook (kees) |
|
2009-09-01 09:05:47 |
Martin Erik Werner |
attachment added |
|
rough_debdiff http://launchpadlibrarian.net/31111912/rough_debdiff |
|
2009-09-01 09:06:47 |
Martin Erik Werner |
attachment removed |
rough_debdiff http://launchpadlibrarian.net/31111912/rough_debdiff |
|
|
2009-09-01 09:08:44 |
Martin Erik Werner |
attachment added |
|
rough_debdiff http://launchpadlibrarian.net/31111974/rough_debdiff |
|
2009-09-01 10:37:04 |
Martin Erik Werner |
nautilus: status |
New |
Fix Released |
|
2009-09-01 12:09:29 |
Martin Erik Werner |
attachment added |
|
upstream_patch_debdiff http://launchpadlibrarian.net/31119367/upstream_patch_debdiff |
|
2009-09-04 01:29:53 |
Martin Erik Werner |
attachment added |
|
proposed backport to Jaunty debdiff http://launchpadlibrarian.net/31293950/backport_to_jaunty_debdiff |
|
2009-09-08 23:03:15 |
Kees Cook |
nominated for series |
|
Ubuntu Dapper |
|
2009-09-08 23:03:15 |
Kees Cook |
bug task added |
|
glib2.0 (Ubuntu Dapper) |
|
2009-09-08 23:03:31 |
Kees Cook |
glib2.0 (Ubuntu Dapper): status |
New |
Confirmed |
|
2009-09-09 03:07:54 |
Martin Erik Werner |
attachment added |
|
backport_to_intrepid_debdiff http://launchpadlibrarian.net/31519411/backport_to_intrepid_debdiff |
|
2009-09-09 03:18:48 |
Martin Erik Werner |
description |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged
This does not allow setting permissions which your user could not do with chmod anyway, and hence is not a privilege escalation issue. |
Binary package hint: nautilus
TEST CASE:
1. Create a symlink to a file or folder, on which you normally are able to change permissions. (touch ~/testfile && ln -s ~/testfile ~/testlink)
2. Copy the symlink to anywhere using Nautilus (ctrl+c && ctrl+v)
3. Check permissions of the symlinked file or folder
Result: Symlinked file or folder permissions are changed to 777 (drwxrwxrwx user:user)
Expected behaviour: Permissions of symlinked file or folder should be unchanged
NOTE: If testing different versions, nautilus needs to be restarted (including desktop); this is easily done with:
killall nautilus && nautilus &disown
This bug does not allow setting permissions which your user could not do with chmod anyway, and hence is not a privilege escalation issue. |
|
2009-09-09 09:32:03 |
Martin Erik Werner |
attachment removed |
backport_to_intrepid_debdiff http://launchpadlibrarian.net/31519411/backport_to_intrepid_debdiff |
|
|
2009-09-09 10:19:58 |
Martin Erik Werner |
attachment added |
|
backport_to_intrepid_debdiff http://launchpadlibrarian.net/31532869/backport_to_intrepid_debdiff |
|
2009-09-09 11:19:32 |
Martin Erik Werner |
attachment added |
|
build_error_hardy http://launchpadlibrarian.net/31534316/build_error_hardy |
|
2009-09-09 15:38:05 |
Martin Erik Werner |
attachment added |
|
backport_to_hardy_debdiff http://launchpadlibrarian.net/31543033/backport_to_hardy_debdiff |
|
2009-09-30 14:21:32 |
Martin Erik Werner |
glib2.0 (Ubuntu Dapper): status |
Confirmed |
Invalid |
|
2009-10-03 17:35:02 |
Kees Cook |
glib2.0 (Ubuntu Intrepid): status |
Confirmed |
Fix Committed |
|
2009-10-03 17:35:08 |
Kees Cook |
glib2.0 (Ubuntu Jaunty): status |
Confirmed |
Fix Committed |
|
2009-10-03 17:35:16 |
Kees Cook |
glib2.0 (Ubuntu Hardy): status |
Confirmed |
Fix Committed |
|
2009-10-03 17:35:22 |
Kees Cook |
glib2.0 (Ubuntu Dapper): assignee |
|
arand (arand) |
|
2009-10-03 17:35:27 |
Kees Cook |
glib2.0 (Ubuntu Hardy): assignee |
|
arand (arand) |
|
2009-10-03 17:35:30 |
Kees Cook |
glib2.0 (Ubuntu Intrepid): assignee |
|
arand (arand) |
|
2009-10-03 17:35:35 |
Kees Cook |
glib2.0 (Ubuntu Jaunty): assignee |
|
arand (arand) |
|
2009-10-03 17:35:42 |
Kees Cook |
glib2.0 (Ubuntu Intrepid): importance |
Undecided |
Medium |
|
2009-10-03 17:35:45 |
Kees Cook |
glib2.0 (Ubuntu Jaunty): importance |
Undecided |
Medium |
|
2009-10-03 17:35:52 |
Kees Cook |
glib2.0 (Ubuntu Hardy): importance |
Undecided |
Medium |
|
2009-10-05 19:12:43 |
Kees Cook |
cve linked |
|
2009-3289 |
|
2009-10-05 20:06:26 |
Launchpad Janitor |
glib2.0 (Ubuntu Jaunty): status |
Fix Committed |
Fix Released |
|
2009-10-05 20:06:26 |
Launchpad Janitor |
glib2.0 (Ubuntu Intrepid): status |
Fix Committed |
Fix Released |
|
2009-10-05 20:06:26 |
Launchpad Janitor |
glib2.0 (Ubuntu Hardy): status |
Fix Committed |
Fix Released |
|
2009-10-14 15:18:52 |
Brian Shezi |
visibility |
public |
private |
|
2009-10-14 15:31:11 |
Chris Coulson |
visibility |
private |
public |
|
2009-10-31 02:07:13 |
Brian Shezi |
glib2.0 (Ubuntu Dapper): status |
Invalid |
Fix Committed |
|
2009-10-31 02:20:43 |
Steve Langasek |
glib2.0 (Ubuntu Dapper): status |
Fix Committed |
Invalid |
|
2010-02-23 02:02:19 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/glib2.0 |
|
2010-02-23 02:08:26 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/hardy-security/glib2.0 |
|
2010-02-23 02:09:15 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/jaunty-security/glib2.0 |
|
2010-02-23 02:09:30 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/intrepid-security/glib2.0 |
|
2010-04-11 17:38:16 |
Aron Griffis |
removed subscriber Aron Griffis |
|
|
|
2010-09-16 19:37:31 |
Bug Watch Updater |
nautilus: importance |
Unknown |
Critical |
|
2010-09-17 07:41:48 |
Gabriele Monti |
removed subscriber Gabriele Monti |
|
|
|