
gummi: predictable filenames in /tmp

Package(s): gummi
CVE #(s): CVE-2015-7758
Created: December 28, 2015
Updated: February 25, 2016
Description: From the Debian bug report:

Package: gummi
Version: 0.6.5-3
Severity: normal

I opened a file called thesis.tex in gummi, this created the following files in /tmp:

-rw-r--r-- 1 jak jak 3196 Jul 29 21:39 .thesis.tex.aux
-rw-r--r-- 1 jak jak 42672 Jul 29 21:39 .thesis.tex.log
-rw-r--r-- 1 jak jak 559 Jul 29 21:39 .thesis.tex.out
-rw-r--r-- 1 jak jak 266755 Jul 29 21:39 .thesis.tex.pdf
-rw-r--r-- 1 jak jak 885 Jul 29 21:39 .thesis.tex.toc

Obviously, this has serious implications for multi-user systems, because two users editing a file with the same name would write to the same files in /tmp.
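
The report above describes build output written to fixed, name-derived paths directly in /tmp. As an added example (not part of the bug report and not gummi's code), one way to avoid this is a per-session directory from mkdtemp() with the files created inside it using O_EXCL and O_NOFOLLOW; the helper names and the texwork- prefix are assumptions.

```c
#define _POSIX_C_SOURCE 200809L   /* mkdtemp(), O_NOFOLLOW */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create a private work directory with an
 * unpredictable name. mkdtemp() creates it with mode 0700, so other
 * local users cannot list it or plant files in it. Returns 0 or -1. */
int make_private_workdir(char *dir, size_t len)
{
    const char *base = getenv("TMPDIR");
    if (base == NULL || base[0] != '/')
        base = "/tmp";
    int n = snprintf(dir, len, "%s/texwork-XXXXXX", base);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return mkdtemp(dir) != NULL ? 0 : -1;
}

/* Hypothetical helper: create ".<name>.<ext>" inside that directory.
 * O_EXCL fails if the path already exists, O_NOFOLLOW if it is a
 * symlink. Returns an open descriptor, or -1 on error. */
int create_build_file(const char *dir, const char *name, const char *ext,
                      char *path, size_t len)
{
    if (strchr(name, '/') != NULL || strchr(ext, '/') != NULL)
        return -1;                      /* keep the file inside dir */
    int n = snprintf(path, len, "%s/.%s.%s", dir, name, ext);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

int main(void)
{
    char dir[4096], path[4400];         /* constructed sample: thesis.tex */
    if (make_private_workdir(dir, sizeof dir) != 0)
        return 1;
    int fd = create_build_file(dir, "thesis.tex", "aux", path, sizeof path);
    if (fd < 0)
        return 1;
    printf("build file: %s\n", path);
    close(fd);
    unlink(path);
    return rmdir(dir) == 0 ? 0 : 1;
}
```

Two sessions editing a file with the same name get different directories, so their .aux, .log and .pdf outputs no longer collide.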

Alerts:
openSUSE openSUSE-SU-2015:2369-1 gummi 2015-12-27
Fedora FEDORA-2016-94b0b50351 gummi 2016-03-09
Fedora FEDORA-2016-e21be93421 gummi 2016-03-09
openSUSE openSUSE-SU-2016:0574-1 gummi 2016-02-25



Copyright © 2025, Eklektix, Inc.