oss-sec mailing list archives
RuboCop: insecure use of /tmp
From: Jakub Wilk <jwilk () jwilk net>
Date: Mon, 1 May 2017 18:54:44 +0200
RuboCop stores cache files in /tmp/$UID/rubocop_cache/. There are no ownership checks, so a malicious local user could exploit this to tamper with cache files belonging to other users.
Upstream bug report: https://github.com/bbatsov/rubocop/issues/4336
I've attached a PoC exploit.
--
Jakub Wilk
Attachment: rubocop-cache-exploit
Current thread:
- RuboCop: insecure use of /tmp Jakub Wilk (May 01)
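
The ownership check the report says is missing, as an added Ruby example (not part of the original post and not RuboCop's code). The names `verified_dir`, `cache_dir_for` and `UnsafeCacheDir` are hypothetical; the layout `<root>/<uid>/rubocop_cache` mirrors the path given in the report, and the policy of refusing anything not owned by the calling user is an assumption about what a fix should enforce.

```ruby
require 'tmpdir'

# Raised when a cache directory cannot be trusted (hypothetical name).
class UnsafeCacheDir < StandardError; end

# Create-or-verify one directory level. Hypothetical helper, not RuboCop's API.
def verified_dir(path, uid)
  begin
    Dir.mkdir(path, 0o700) # atomic create; raises if anything already exists
  rescue Errno::EEXIST
    # Pre-existing entry: it may have been planted by another local user,
    # so it is only accepted if every check below passes.
  end
  st = File.lstat(path) # lstat so a symlink is inspected, not followed
  raise UnsafeCacheDir, "#{path}: symlink" if st.symlink?
  raise UnsafeCacheDir, "#{path}: not a directory" unless st.directory?
  raise UnsafeCacheDir, "#{path}: owner uid #{st.uid}, expected #{uid}" unless st.uid == uid
  raise UnsafeCacheDir, "#{path}: group/world writable" unless (st.mode & 0o022).zero?
  path
end

# Verify every level below the shared root, top down: once <root>/<uid> is
# known to be ours and private, nobody else can swap what lives inside it.
def cache_dir_for(tmp_root, uid = Process.euid)
  user_dir = verified_dir(File.join(tmp_root, uid.to_s), uid)
  verified_dir(File.join(user_dir, 'rubocop_cache'), uid)
end
```

A caller would treat `UnsafeCacheDir` as "run without the cache" rather than falling back to the untrusted directory.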