LD_LIBRARY_PATH in /usr/bin/exaile potentially security issue
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Exaile |
Invalid
|
High
|
Johannes Sasongko | ||
| exaile (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: exaile
/usr/bin/exaile contains the following:
$> cat /usr/bin/exaile
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_
export MOZILLA_FIVE_HOME=
exec python /usr/lib/
This is a potential problem because of this:
http://
It should be defined as this post suggest (http://
):
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_
export MOZILLA_FIVE_HOME=
exec python /usr/lib/
In other words, if LD_LIBRARY_PATH is not set (or set but empty), LD_LIBRARY_PATH should only be "/usr/lib/firefox". Without this fix, it would be defined as: ":/usr/
Other References:
CVE-2005-4790
CVE-2005-4791
| Luis Mondesi (lemsx1) wrote | #1 |
| Johannes Sasongko (sjohannes) wrote | #2 |
| Changed in exaile: | |
| assignee: | nobody → sjohannes |
| importance: | Undecided → High |
| milestone: | none → 0.2.12 |
| status: | New → In Progress |
| Johannes Sasongko (sjohannes) wrote | #3 |
| Changed in exaile: | |
| status: | In Progress → Invalid |
| Changed in exaile: | |
| status: | New → Fix Released |
Sorry, this is the correct code:
#!/bin/sh
cd /usr/share/exaile
export LD_LIBRARY_
export MOZILLA_FIVE_HOME=
exec python /usr/lib/
Should've tested more:
$> export FOO=THIS
$> echo ${FOO:+$FOO:}BAR
THIS:BAR
$> export FOO=
$> echo ${FOO:+$FOO:}BAR
BAR
$>unset FOO
$> echo ${FOO:+$FOO:}BAR
BAR