On at least Fedora Core every attachment which was opened is saved in /tmp. On a multi-user system this can lead to a filename disclosure and therefore to a privacy problem, think about e.g.
/tmp/loveletter-from-girlfriend-xy.doc
Reproducible: Always
Steps to Reproduce:
1. Open attachment "secret-agenda-from-company.ppt" from an e-mail
2. Log in as a different user and list the /tmp directory
$ ls -al /tmp/*.ppt
-rw------- 1 peter peter 248832 16. Apr 14:08 /tmp/secret-agenda-from-company.ppt
Actual Results:
File name is unexpectedly disclosed to all other non-root users
Expected Results:
File would be stored into a subdirectory in tmp, e.g.
/tmp/peter-thunderbird/secret-agenda-from-company.ppt
and
/tmp/peter-thunderbird is created with permissions 700
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.0.10) Gecko/20070313 Fedora/1.5.0.10-5.fc6 Firefox/1.5.0.10 pango-text
Build Identifier: 1.5.0.10
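The expected behaviour from the report, sketched as an added example (not part of the original report and not Thunderbird's code): attachments go into a per-user directory with mode 0700, and a small audit function shows which names another user could list. It goes one step beyond the report by using a random directory suffix instead of a fixed /tmp/peter-thunderbird, so another local user cannot create the directory first; all function names here are assumptions.

```python
import os
import stat
import tempfile

def make_private_dir(base, prefix="thunderbird-"):
    """Create a fresh directory under base that only the current user can list."""
    # mkdtemp creates the directory atomically with mode 0700 and a random
    # suffix, so another user cannot pre-create or guess the path.
    path = tempfile.mkdtemp(prefix=prefix, dir=base)
    st = os.lstat(path)
    if (not stat.S_ISDIR(st.st_mode) or st.st_uid != os.geteuid()
            or stat.S_IMODE(st.st_mode) & 0o077):
        raise PermissionError(f"{path} is not a private directory")
    return path

def save_attachment(directory, name, data):
    """Write data to directory/name with mode 0600, refusing existing files and symlinks."""
    leaf = os.path.basename(name)  # drop any path components in the attachment name
    if leaf in ("", ".", ".."):
        raise ValueError("unusable attachment name")
    path = os.path.join(directory, leaf)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    with os.fdopen(os.open(path, flags, 0o600), "wb") as fh:
        fh.write(data)
    return path

def names_listable_by_others(base):
    """Names under base that a different non-root user could learn with ls."""
    seen = set()
    for root, dirs, files in os.walk(base):
        seen.update(dirs)
        seen.update(files)
        # Descend only into directories whose group/other read bit allows listing.
        dirs[:] = [d for d in dirs
                   if stat.S_IMODE(os.lstat(os.path.join(root, d)).st_mode) & 0o044]
    return seen

if __name__ == "__main__":
    base = tempfile.mkdtemp()  # constructed stand-in for /tmp
    os.chmod(base, 0o1777)
    private = make_private_dir(base)
    save_attachment(private, "secret-agenda-from-company.ppt", b"constructed sample")
    print(sorted(names_listable_by_others(base)))  # only the directory name
```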