Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE request: psi+ stores the cache file as world-readable
From: Seth Arnold <seth.arnold () canonical com>
Date: Tue, 26 Feb 2013 14:27:23 -0800

On Tue, Feb 26, 2013 at 11:04:24PM +0100, Agostino Sarubbo wrote:
Psi+, a fork of psi, stores its files in ~/.cache/psi+ as world-readable.

~/.cache $ ls -la psi+/
total 52
drwxr-xr-x 5 ago ago  4096 feb 25 09:41 .
drwx------ 5 ago ago  4096 feb 24 23:58 ..

It appears my ~/.cache and your ~/.cache are mode 0700. Directories
underneath are already unaccessible by other users, except if one of your
programs passes a filedescriptor to a directory to another user's process
(say, cwd is in ~/.cache/psi+ and then executes a setuid program, or
uses unix(7) SCM_RIGHTS to pass a directory file descriptor to another

Are there environments where ~/.cache isn't 0700 by default?


Attachment: signature.asc
Description: Digital signature

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]