oss-sec mailing list archives
Re: CVE request: psi+ stores the cache file as world-readable
From: Seth Arnold <seth.arnold () canonical com>
Date: Tue, 26 Feb 2013 14:27:23 -0800
On Tue, Feb 26, 2013 at 11:04:24PM +0100, Agostino Sarubbo wrote:
Psi+, a fork of psi, stores its files in ~/.cache/psi+ as world-readable. ~/.cache $ ls -la psi+/ total 52 drwxr-xr-x 5 ago ago 4096 feb 25 09:41 . drwx------ 5 ago ago 4096 feb 24 23:58 ..
It appears my ~/.cache and your ~/.cache are mode 0700. Directories underneath are already unaccessible by other users, except if one of your programs passes a filedescriptor to a directory to another user's process (say, cwd is in ~/.cache/psi+ and then executes a setuid program, or uses unix(7) SCM_RIGHTS to pass a directory file descriptor to another program). Are there environments where ~/.cache isn't 0700 by default? Thanks
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request: psi+ stores the cache file as world-readable Agostino Sarubbo (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Seth Arnold (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Agostino Sarubbo (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Kurt Seifried (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable gremlin (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Russ Allbery (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable gremlin (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Agostino Sarubbo (Feb 27)
- Re: CVE request: psi+ stores the cache file as world-readable Russ Allbery (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Seth Arnold (Feb 26)