[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Launchpad has imported 17 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=444535. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://hel

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

rusivi1, No, I think it was fixed for Jaunty. -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

rusivi1, No, I think it was fixed for Jaunty. -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Thank you for reporting this bug. Does this problem occur in Lucid? ** Changed in: blender Status: New => Incomplete -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

This one has been fixed in ubuntu for a while now with debian/patches/02_tmp_in_HOME ** Changed in: blender (Ubuntu) Status: Confirmed => Fix Released -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notifica

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

** Changed in: blender (Debian) Status: Unknown => Fix Released -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

No login needed: http://projects.blender.org/tracker/index.php?func=detail&aid=18174 It seems that 02_tmp_in_HOME patch solves this problem, no? 02_tmp_in_HOME patch: http://patches.ubuntu.com/b/blender/extracted/02_tmp_in_HOME -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intr

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

** Bug watch added: Debian Bug tracker #298167 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298167 ** Also affects: blender (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298167 Importance: Unknown Status: Unknown -- insecure file access (breezy, dapper, edgy,

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

** Changed in: blender (Fedora) Status: Unknown => Fix Committed -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubunt

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

** Bug watch added: Red Hat Bugzilla #444535 https://bugzilla.redhat.com/show_bug.cgi?id=444535 ** Also affects: blender (Fedora) via https://bugzilla.redhat.com/show_bug.cgi?id=444535 Importance: Unknown Status: Unknown -- insecure file access (breezy, dapper, edgy, gutsy, hardy

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Reported upstream as bug #18174 (login needed) -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubunt

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Hi Guys, I've had a look at the problem and i can reproduce it. It also still exists in Blender 2.48a. Perhaps someone with some blender experience and rendering could advice. I see that blender has an option to change the rendering output directory (-o). Would it work (blender wise / process et

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Anton Gyllenberg: nope. Marking Confirmed. ** Changed in: blender (Ubuntu) Status: Incomplete => Confirmed -- insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

Daniel T Chen wrote on 2008-09-14: > Is this symptom still reproducible in 8.10 alpha? Reproduced in 2.46+dfsg-4 (intrepid). I updated the bug description to reflect that. Is there something else needed to get the bug status to not be "incomplete"? -- insecure file access (breezy, dapper, edgy

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid)

** Summary changed: - insecure file access (breezy, dapper, edgy, gutsy, hardy) + insecure file access (breezy, dapper, edgy, gutsy, hardy, intrepid) ** Description changed: Reproduced in versions: 2.37a-1ubuntu1.1 (breezy?) 2.41-1ubuntu4 (dapper) 2.42a-linux-glibc232-py24-i3

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Is this symptom still reproducible in 8.10 alpha? ** Changed in: blender (Ubuntu) Status: Triaged => Incomplete -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, whi

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1103 ** Changed in: blender (Ubuntu) Status: Confirmed => Triaged -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a me

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

One possibility to consider would be to create a temporary directory under /tmp and use that in every place where /tmp is currently used. You cannot remove the symlinks as they are not owned by you. -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

In this case it seems blender should have its own scratch directory like the gimp does. -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. --

Re: [Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

On Thu, May 01, 2008 at 10:24:51AM -, Mauro Vale wrote: > Blender should use a random file name every time it needs to render. Well, use of /tmp should be only by mkstemp(). > This way it is impossible to overwrite anything with a symlink ;) Alternatively, require that the files not exist fi

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Blender needs to be able to access rendered image sequences so it can play them back. random names could work, but only while blender was running. people often work on an animation over many days/weeks, so only allowing them to play their animation during a single session is not good. basically if

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Blender should use a random file name every time it needs to render. This way it is impossible to overwrite anything with a symlink ;) -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

regarding "ln -s /home/bob/thesis.tex /tmp/0001.jpg" Should this problem be resolved by first removing the file before writing? That or checking if the file is a symlink, if so remove the symlink? -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 Y

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Ah-ha! .B.blend was the key. Yes, this is a bad default -- thanks for staying on this bug. It had gotten lost (it was marked "security" but didn't have "ubuntu-security" subscribed to it). ** Changed in: blender (Ubuntu) Importance: High => Medium Assignee: Kees Cook (keescook) => (unass

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Reproduced on a fresh installation (hardy desktop). I don't believe this is due to some old configuration files left behind. -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug notification because you are a member of Ubuntu Bugs

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

I created a new user for testing this, no ~/.blender directory or ~/.B.blend file. Still happens for me. Kees, do you have a ~/.B.blend file that would override the renderdir? -- insecure file access (breezy, dapper, edgy, gutsy, hardy) https://bugs.launchpad.net/bugs/6671 You received this bug

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

It seems that Launchpad has automatically added a CVE reference to this bug without asking me for a confirmation. I'll remove the reference now to prevent possible confusion. If you know that this problem and CVE-2008-1103 are in fact the same issue, please add the CVE reference again. ** CVE remo

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

Is this the same issue as CVE-2008-1103, an unspecified insecure temporary file creation vulnerability reported in a recent SUSE advisory ? ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1103 -- insecure file access (breezy, dapper, edgy, g

[Bug 6671] Re: insecure file access (breezy, dapper, edgy, gutsy, hardy)

I don't see this behavior. The "render directory" setting by default is //render which is the homedirectory, not /tmp. Perhaps you have an older .blender directory that contains settings for /tmp ? ** Changed in: blender (Ubuntu) Assignee: (unassigned) => Kees Cook (keescook) Status: