Comment 8 for bug 1830862

Hi Eduardo,

Their response was: "I'm not sure of your Security Threat Model. Why does the attacker have control over the filesystem, especially on the application configuration?".

So their perspective is that this is not a vulnerability in the Python library, and I agree with them.

My main concern is that you can get Apport to read an arbitrary file by replacing ~/.config/apport/settings with a symlink. I haven't been able to think of an interesting way to exploit that, but I think it would be better if it wasn't possible. So I would recommend dropping privileges before you open the file, like you have done here:

https://git.launchpad.net/ubuntu/+source/apport/tree/apport/report.py?h=applied/ubuntu/bionic-devel&id=20c98691144e843bf1ab8428603beedd34e993ad#n964

I notice that I forgot to send you a source location in my original report. Sorry about that. This is the source location where I think it would be a good idea to temporarily drop privileges:

https://git.launchpad.net/ubuntu/+source/apport/tree/apport/fileutils.py?h=applied/ubuntu/bionic-devel&id=20c98691144e843bf1ab8428603beedd34e993ad#n331

Thanks,

Kev