xsane overwrites user's umask
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
xsane | Fix Released | Unknown | | |
xsane (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
Binary package hint: xsane
xsane overwrites the user's umask to 0007, and creates ~/.sane and other files with the corresponding 770 permissions on directories and 660 on files containing the printer description. This is dangerous in a multiuser environment.
The umask is set on line 107 in xsane.h:
#define XSANE_DEFAULT_UMASK 0007
This is used throughout the codebase.
> grep XSANE_DEFAULT_UMASK *
xsane.c: umask(XSANE_
xsane.c: umask(XSANE_
xsane.c: umask(XSANE_
xsane-device-
xsane-email-
xsane-fax-
xsane-fax-
xsane-fax-
xsane-front-gtk.c: umask(XSANE_
xsane.h:#define XSANE_DEFAULT_UMASK 0007
xsane-multipage
xsane-save.c: umask(XSANE_
xsane-viewer.c: umask(XSANE_
xsane-viewer.c: umask(XSANE_
Steps to reproduce:
1. rm -r ~/.sane
2. xsane
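The effect described in the report, as an added example (not xsane code and not the Debian patch): a process-wide `umask(0007)` replaces a stricter user mask such as 0077, so new directories and files come out as 770/660. The requested modes 0777/0666, the file name `demo.rc`, the `/tmp` scratch path and the tighten-only helper are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define XSANE_DEFAULT_UMASK 0007 /* value quoted in the report */

/* Overwrite pattern described in the report: the user's mask is discarded. */
static mode_t overwrite_mask(mode_t user_mask) { (void)user_mask; return XSANE_DEFAULT_UMASK; }

/* Tighten-only alternative (assumption, not the Debian patch): OR keeps every
 * permission bit the user already masked off and adds the program's own. */
static mode_t tighten_mask(mode_t user_mask) { return user_mask | XSANE_DEFAULT_UMASK; }

/* Create <scratch>/.sane and a file inside it while `mask` is the process
 * umask, then report the resulting permission bits. Requested modes 0777 and
 * 0666 are assumed. Returns 0 on success, -1 on error. */
static int modes_under_umask(mode_t mask, mode_t *dir_mode, mode_t *file_mode)
{
    char base[64], dir[80], file[96];
    struct stat st;
    int fd, rc = -1;

    snprintf(base, sizeof base, "/tmp/umask-demo-%ld", (long)getpid());
    snprintf(dir, sizeof dir, "%s/.sane", base);
    snprintf(file, sizeof file, "%s/demo.rc", dir); /* hypothetical file name */
    mode_t old = umask(mask);
    if (mkdir(base, 0700) == 0 && mkdir(dir, 0777) == 0 &&
        (fd = open(file, O_CREAT | O_EXCL | O_WRONLY, 0666)) >= 0) {
        close(fd);
        if (stat(dir, &st) == 0) {
            *dir_mode = st.st_mode & 0777;
            if (stat(file, &st) == 0) { *file_mode = st.st_mode & 0777; rc = 0; }
        }
    }
    umask(old); /* restore the caller's mask */
    unlink(file); rmdir(dir); rmdir(base);
    return rc;
}

int main(void)
{
    mode_t user = 0077, d = 0, f = 0; /* constructed: a user with a private umask */
    if (modes_under_umask(overwrite_mask(user), &d, &f) == 0)
        printf("overwrite: dir %04o file %04o\n", (unsigned)d, (unsigned)f);
    if (modes_under_umask(tighten_mask(user), &d, &f) == 0)
        printf("tighten:   dir %04o file %04o\n", (unsigned)d, (unsigned)f);
}
```

To check an existing account for files created this way, `find ~/.sane -perm /070` lists entries that are group-accessible.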
Related branches
- Ubuntu branches: Pending requested
Diff: 64 lines (+24/-1), 5 files modified
.pc/applied-patches (+1/-0)
debian/changelog (+8/-0)
debian/patches/fix_umaks_permitions.patch (+13/-0)
debian/patches/series (+1/-0)
src/xsane.h (+1/-1)
tags: added: patch
tags: added: patch-forwarded-debian, removed: patch
Changed in xsane: status: Unknown → New
Changed in xsane: status: New → Fix Released
Patch that should set the default umask to something more secure.