** Description changed:
Hi!
The Aptcc backend in PackageKit saves the changelog to a predictable location
in /tmp. As packagekitd is running as root, bad people could just add a symlink
named like the file in /tmp (e.g. to /etc/shadow) to screw up the system.
I fixed this in Debian already, you might want to take the patch
(02_aptcc-changelog-random-dir.patch) from there and apply it to Precise, if
possible.
For Quantal, please merge/sync packagekit 0.7.4-4 from Debian Sid, which
contains the patch and some other improvements.
Cheers,
- Matthias
+ Matthias
+
+ UPDATE: The same also applies for our Debconf handling. While the
changelog-issue is fixed, this issue is still valid for debconf sockets.
+ I therefore reopened this bug on Quantal and linked the Debian issue, which
will be fixed soon.
** Changed in: packagekit (Ubuntu Quantal)
Status: Fix Released => Triaged
** Bug watch added: Debian Bug tracker #678189
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678189
** Also affects: packagekit (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678189
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1007791
Title:
Security issue in PackageKit
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1007791/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
