thank you for the report.
On 11/25/2011 11:55 AM, Ludwig Nussel wrote:
colord did not quote user supplied strings which made it prone to
Just to have this one sorted out wrt to the patches, the relevant
upstream patches are these two:
Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
When colord runs as root and local active users are allowed to
create new devices (both are the defaults AFAIK) this allows not
only to corrupt colord's own database but also to leverage it to
modify other databases in the system (PackageKit for example also
PoC available on request.