[Secure-testing-team] Bug#708924: nodau: Unsafe handling of temporary files when using external editor
Salvatore Bonaccorso
carnil at debian.org
Sun May 19 13:02:19 UTC 2013
Package: nodau
Version: 0.3.1-1
Severity: important
Tags: security upstream
Control: forwarded -1 https://github.com/darkrose/nodau/issues/17
[opened in Debian to track the issue]

nodau unsafely handles temporary files when using an external editor,
possibly allowing a malicious user to overwrite files or disclose
information (but on recent kernels fs.protected_symlinks might need to
be disabled).

But in any case note contents are leaked (depending on the user's umask,
opening an existing note) in /tmp/nodau.$timestamp.

The prerequisite for this to happen is that the user sets either the $EDITOR
environment variable or the external_editor setting in
~/.config/nodau/nodau.conf.

Salvatore
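
The two points in the report, a predictable /tmp/nodau.$timestamp name and umask-dependent permissions, are shown below next to a hardened form using mkstemp(). This is an added example, not nodau's source and not part of the original message; the function names and the scratch directory are hypothetical.

```c
/* Added illustration, not nodau's source; function names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>

/* Pattern from the report: name derived from the timestamp, mode left to the
 * umask, no O_EXCL, so an existing file or symlink at that path is reused. */
int open_note_predictable(const char *dir, time_t now, char *path, size_t len)
{
    snprintf(path, len, "%s/nodau.%ld", dir, (long)now);
    return open(path, O_RDWR | O_CREAT | O_TRUNC, 0666);
}

/* Hardened form: mkstemp() chooses an unpredictable name and creates it with
 * O_EXCL, so it never opens something that was already there. */
int open_note_private(const char *dir, char *path, size_t len)
{
    int n = snprintf(path, len, "%s/nodau.XXXXXX", dir);
    if (n < 0 || (size_t)n >= len)
        return -1;
    mode_t old = umask(077);   /* very old libcs created the file 0666 */
    int fd = mkstemp(path);
    umask(old);
    return fd;
}

/* Permission bits of an open descriptor, or -1 on error. */
int fd_mode(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
    char dir[] = "/tmp/nodau-demo.XXXXXX", a[128], b[128];
    if (!mkdtemp(dir))          /* private scratch directory for the demo */
        return 1;
    int fa = open_note_predictable(dir, time(NULL), a, sizeof a);
    int fb = open_note_private(dir, b, sizeof b);
    printf("%s mode %04o\n", a, (unsigned)fd_mode(fa));
    printf("%s mode %04o\n", b, (unsigned)fd_mode(fb));
    close(fa); close(fb); unlink(a); unlink(b); rmdir(dir);
    return (fa >= 0 && fb >= 0) ? 0 : 1;
}
```

With a umask of 022 the first file is created 0644 and readable by other local users, while the mkstemp() file is 0600 whatever the umask is.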