oss-sec mailing list archives
Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method
From: gabriel.corona () free fr
Date: Wed, 20 May 2026 12:27:20 +0200
But it's probably possible to reach a similar o.fd.FileManager1 call from sandboxed code indirectly, by asking the OpenURI portal to open a directory, which will try to dispatch it to a file manager.
If that is the case, PCManFM is certainly equally impacted by the sandbox escape scenario.
Regards, Gabriel
Current thread:
- PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method Aaron Rainbolt (May 19)
- Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method Simon McVittie (May 20)
- Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method gabriel . corona (May 20)
- Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method gabriel . corona (May 20)
- Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method Simon McVittie (May 20)