From e916b584d8d0f3feb835fe3793f01271a301240d Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Tue, 22 Sep 2020 14:12:12 +0200
Subject: [PATCH 2/2] Information disclosure in InstallFiles, GetFilesLocal and
 GetDetailsLocal

These functions revealed existence and content type of files, which
allows a non-root user to check existence and content type of any
file on the system, regardless of permission, as the checks are
performed as root.

A correct fix would move those checks into the client, and pass an
fd to the daemon. Here we just hide which failure it is, which we
would need to do anyway, but don't provide an improved version as
that's out of scope for a security issue and requires changes the
reverse dependencies using those functions.

Bug-Ubuntu: https://bugs.launchpad.net/bugs/1888887
---
 src/pk-transaction.c | 48 ++++++++++++++++----------------------------
 1 file changed, 17 insertions(+), 31 deletions(-)

diff --git a/src/pk-transaction.c b/src/pk-transaction.c
index 3ef5a12bf..4203761d3 100644
--- a/src/pk-transaction.c
+++ b/src/pk-transaction.c
@@ -3059,7 +3059,7 @@ pk_transaction_get_details_local (PkTransaction *transaction,
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
 				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
-				     "No such file %s", full_paths[i]);
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3070,9 +3070,8 @@ pk_transaction_get_details_local (PkTransaction *transaction,
 		if (content_type == NULL) {
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
-				     PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-				     "Failed to get content type for file %s",
-				     full_paths[i]);
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3082,9 +3081,8 @@ pk_transaction_get_details_local (PkTransaction *transaction,
 		if (!ret) {
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
-				     PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-				     "MIME type '%s' not supported %s",
-				     content_type, full_paths[i]);
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3160,7 +3158,7 @@ pk_transaction_get_files_local (PkTransaction *transaction,
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
 				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
-				     "No such file %s", full_paths[i]);
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3171,9 +3169,8 @@ pk_transaction_get_files_local (PkTransaction *transaction,
 		if (content_type == NULL) {
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
-				     PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-				     "Failed to get content type for file %s",
-				     full_paths[i]);
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3183,9 +3180,8 @@ pk_transaction_get_files_local (PkTransaction *transaction,
 		if (!ret) {
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
-				     PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-				     "MIME type '%s' not supported %s",
-				     content_type, full_paths[i]);
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 			goto out;
 		}
@@ -3688,7 +3684,7 @@ pk_transaction_install_files (PkTransaction *transaction,
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
 				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
-				     "No such file %s", full_paths[i]);
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 				goto out;
 		}
@@ -3698,9 +3694,8 @@ pk_transaction_install_files (PkTransaction *transaction,
 		if (content_type == NULL) {
 			g_set_error (&error,
 				     PK_TRANSACTION_ERROR,
-				     PK_TRANSACTION_ERROR_NOT_SUPPORTED,
-				     "Failed to get content type for file %s",
-				     full_paths[i]);
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 				goto out;
 		}
@@ -3708,19 +3703,10 @@ pk_transaction_install_files (PkTransaction *transaction,
 		/* supported content type? */
 		ret = pk_transaction_is_supported_content_type (transaction, content_type);
 		if (!ret) {
-			if (g_strcmp0 ("application/x-app-package", content_type) == 0 ||
-			    g_str_has_suffix (full_paths[i], ".ipk") == TRUE) {
-				g_set_error (&error,
-					      PK_TRANSACTION_ERROR,
-					      PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-					      "Listaller is required to install %s", full_paths[i]);
-			} else {
-				g_set_error (&error,
-					     PK_TRANSACTION_ERROR,
-					     PK_TRANSACTION_ERROR_MIME_TYPE_NOT_SUPPORTED,
-					     "MIME type '%s' not supported %s",
-					     content_type, full_paths[i]);
-			}
+			g_set_error (&error,
+				     PK_TRANSACTION_ERROR,
+				     PK_TRANSACTION_ERROR_NO_SUCH_FILE,
+				     "No such file %s, or unknown or unsupported content type", full_paths[i]);
 			pk_transaction_set_state (transaction, PK_TRANSACTION_STATE_ERROR);
 				goto out;
 		}
-- 
2.27.0