D12513: CVE-2018-10361: privilege escalation

Albert Astals Cid noreply at phabricator.kde.org
Sat May 5 19:34:18 UTC 2018


aacid added a comment.


  In D12513#257628 <https://phabricator.kde.org/D12513#257628>, @mgerstner wrote:
  
  > If you choose a different approach then you will have to open the target file explicitly, which raises other questions like how to safely replace symlinks. Of course such an approach can also be implemented safely. In any case a prudent handling of the temporary file handling improves trust in and robustness of the code and provides additional barriers should errors slip in in the future by way of refactoring or extending the code.
  
  
  Honestly, I don't understand why I have to care about anything.
  
  If we drop privileges, it's just some code running with regular user level privileges, why are symlinks a problem?
  
  Because some malicious code can create symlinks that make the code write to file X when we wanted to write to file Y?
  
  Sure, that's bad, but if you have in your system something that can create such a symlink, it already has user-level privileges, so it can already write to file X or file Y itself, without "exploiting" Kate to do it.
  
  Or am I missing something?

REPOSITORY
  R39 KTextEditor

REVISION DETAIL
  https://phabricator.kde.org/D12513

To: cullmann, dfaure
Cc: mgerstner, aacid, ngraham, fvogt, cullmann, #frameworks, michaelh, kevinapavew, bruns, demsking, sars, dhaumann