[MeeGo-security] [MeeGo-SA-10:14.polkit] pkexec Information Disclosure

Ware, Ryan R ryan.r.ware at intel.com
Fri Aug 27 16:22:25 PDT 2010


=============================================================================
MeeGo-SA-10:14.polkit                                       Security Advisory
                                                                MeeGo Project

Topic:          pkexec Information Disclosure

Category:       Security
Module:         polkit
Announced:      August 3, 2010
Affects:        MeeGo 1.0
Corrected:      August 3, 2010
MeeGo BID:      2182
CVE:            none

For general information regarding MeeGo Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://www.MeeGo.com/>.

I.   Background

PolicyKit is a toolkit for defining and handling authorizations.
It is used for allowing unprivileged processes to speak to privileged
processes.

II.  Problem Description

Reproduction steps (steps, current result, reproduce possibility)
===========================================================
http://bugs.freedesktop.org/show_bug.cgi?id=26982
$ mkdir secret 
$ sudo chown root:root secret
$ sudo chmod 400 secret
$ sudo touch secret/hidden
$ pkexec /home/drosenbe/secret/hidden
(password prompt) 
$ pkexec /home/drosenbe/secret/doesnotexist
Error getting information about /home/drosenbe/secret/doesnotexist: No such file or directory

Expected result:
===========================================================

III. Impact

Allows local users to determine the existence of arbitrary files.
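
The two pkexec invocations in section II differ only in whether the path
exists, yet the caller sees a different response before authenticating.
The C program below is an added example, not polkit code and not the MeeGo
fix: it models that ordering and one hardened ordering. The function names,
the "authenticated" flag and the /tmp fixture are assumptions for illustration.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* What a caller can observe from the helper. */
enum outcome { AUTH_DENIED, PATH_ERROR, WOULD_EXEC };

/* Leaky order: the privileged stat() runs first, so its failure is
 * reported to a caller who has not authenticated. */
static enum outcome check_then_auth(const char *path, int authenticated) {
    struct stat st;
    if (stat(path, &st) != 0) return PATH_ERROR;
    return authenticated ? WOULD_EXEC : AUTH_DENIED;
}

/* Hardened order (assumed here): nothing about the path is reported
 * until the caller has authenticated. */
static enum outcome auth_then_check(const char *path, int authenticated) {
    struct stat st;
    if (!authenticated) return AUTH_DENIED;
    return stat(path, &st) == 0 ? WOULD_EXEC : PATH_ERROR;
}

/* Returns 1 if an unauthenticated caller can tell the two paths apart. */
static int is_oracle(enum outcome (*flow)(const char *, int),
                     const char *present, const char *absent) {
    return flow(present, 0) != flow(absent, 0);
}

/* Constructed fixture: <dir>/hidden exists, <dir>/doesnotexist does not. */
static int make_fixture(char *present, char *absent, size_t n) {
    char dir[200];
    snprintf(dir, sizeof dir, "/tmp/pkexec-demo-%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0) return -1;
    snprintf(present, n, "%s/hidden", dir);
    snprintf(absent, n, "%s/doesnotexist", dir);
    FILE *f = fopen(present, "w");
    if (!f) return -1;
    fclose(f);
    return 0;
}

int main(void) {
    char present[256], absent[256];
    if (make_fixture(present, absent, sizeof present) != 0) return 1;
    printf("check-then-auth oracle: %d\n", is_oracle(check_then_auth, present, absent));
    printf("auth-then-check oracle: %d\n", is_oracle(auth_then_check, present, absent));
    return 0;
}
```

The fixture directory is readable by the process, standing in for the view a
setuid-root helper has of a root-only directory such as "secret" above.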

IV.  Workaround

None

V.   Solution

Update to package polkit-0.95_git20090913-4.1 or later.

VI. References

http://bugs.meego.com/show_bug.cgi?id=2182

