Their response was: "I'm not sure of your Security Threat Model. Why does the attacker have control over the filesystem, especially on the application configuration?".
So their perspective is that this is not a vulnerability in the Python library, and I agree with them.
My main concern is that you can get Apport to read an arbitrary file by replacing ~/.config/apport/settings with a symlink. I haven't been able to think of an interesting way to exploit that, but I think it would be better if it wasn't possible. So I would recommend dropping privileges before you open the file, like you have done here:
I notice that I forgot to send you a source location in my original report. Sorry about that. This is the source location where I think it would be a good idea to temporarily drop privileges:
Hi Eduardo,
Their response was: "I'm not sure of your Security Threat Model. Why does the attacker have control over the filesystem, especially on the application configuration?".
So their perspective is that this is not a vulnerability in the Python library, and I agree with them.
My main concern is that you can get Apport to read an arbitrary file by replacing ~/.config/ apport/ settings with a symlink. I haven't been able to think of an interesting way to exploit that, but I think it would be better if it wasn't possible. So I would recommend dropping privileges before you open the file, like you have done here:
https:/ /git.launchpad. net/ubuntu/ +source/ apport/ tree/apport/ report. py?h=applied/ ubuntu/ bionic- devel&id= 20c98691144e843 bf1ab8428603bee dd34e993ad# n964
I notice that I forgot to send you a source location in my original report. Sorry about that. This is the source location where I think it would be a good idea to temporarily drop privileges:
https:/ /git.launchpad. net/ubuntu/ +source/ apport/ tree/apport/ fileutils. py?h=applied/ ubuntu/ bionic- devel&id= 20c98691144e843 bf1ab8428603bee dd34e993ad# n331
Thanks,
Kev