lp:~tyhicks/lightdm/guest-dir-perms
- Get this branch:
- bzr branch lp:~tyhicks/lightdm/guest-dir-perms
Branch merges
- Robert Ancell: Approve
-
Diff: 12 lines (+1/-1)1 file modifieddebian/guest-account.sh (+1/-1)
Branch information
Recent revisions
- 2480. By Tyler Hicks
-
Explicitly set file mode when creating guest home directory
The fix for CVE-2017-7358 (bzr commit 2478) adjusted the guest home
directory creation to use mkdir in some instances. In those instances,
the home directory is world readable for a short amount of time before
tmpfs is mounted on top of the directory with a 700 file mode. There is
no information leak here since data isn't written to the directory
before the tmpfs mount occurs but it is best to ask mkdir to set the
file mode to 700 from the start.Thanks to Alexander Peslyak (Solar Designer) for catching this mistake.
- 2478. By Tyler Hicks
-
Detect existing malicious guest user home dirs
It was discovered that a local attacker could watch for lightdm's
guest-account script to create a /tmp/guest-XXXXXX file and then quickly
create the lowercase representation of the guest user's home directory
before lightdm could. This allowed the attacker to have control of the
guest user's home directory and, subsequently, gain control of an
arbitrary directory in the filesystem which could lead to privilege
escalation.This patch fixes the issue by detecting failures in creating a directory
for the guest user's home directory. If the file (directory, symlink,
etc.) already exists at the path, mkdir will fail and the script will
exit. This means that it is still possible for a local user to carry out
a denial of service on the guest user login feature.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:lightdm