** Summary changed: - insecure file access + insecure file access (breezy, dapper)
** Description changed: - Version: 2.37a-1ubuntu1.1 + Reproduced in versions: + 2.37a-1ubuntu1.1 (breezy?) + 2.41-1ubuntu4 (dapper) Blender writes to files in /tmp/ in an insecure fashion. For example, - launching blender and then pressing 'a' (for animation?) writes to the - file /tmp/0000.jpg. + launching blender and then selecting "Render > Render Animation", writes + to the file /tmp/0001.jpg. This can be exploited by a malicious user to overwrite arbitrary files of another user using blender: - [EMAIL PROTECTED] ln -s /home/bob/thesis.tex /tmp/0000.jpg + [EMAIL PROTECTED] ln -s /home/bob/thesis.tex /tmp/0001.jpg -- insecure file access (breezy, dapper) https://launchpad.net/bugs/6671 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
