Security hole in the gedit plugin
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| seahorse-plugins |
Fix Released
|
High
|
|||
| seahorse-plugins (Ubuntu) |
Fix Released
|
Medium
|
Ubuntu Desktop Bugs | ||
Bug Description
Binary package hint: seahorse-plugins
gedit package: 2.24.2-0ubuntu1 (intrepid-updates)
seahorse-plugins package: 2.24.1-0ubuntu1 (intrepid)
All texts processed by the seahorse plugin for gedit are silently sent to gedit's standard output. Consequently, when gedit is launched via a launcher or the applications menu, all texts processed by the plugin, including decrypted text, are sent to the ~/.xsession-errors log file which is by default world readable.
Any other user in the system is thus able to read the decrypted text until another session is restarted and the ~/.xsession-errors file is overwritten. Moreover, the decrypted text having been written to disk, it is remotely possible to recover it with a disk analysis, depending on the circumstances, all that without the user being aware of it.
| Jean-Peer Lorenz (peer.loz) wrote | #1 |
| Sebastien Bacher (seb128) wrote | #2 |
| Changed in seahorse-plugins: | |
| importance: | Undecided → Medium |
| Andreas Moog (ampelbein) wrote | #3 |
| Changed in seahorse-plugins: | |
| assignee: | nobody → desktop-bugs |
| Andreas Moog (ampelbein) wrote | #4 |
| Changed in seahorse-plugins: | |
| status: | New → Fix Committed |
| Changed in seahorse-plugins: | |
| status: | Unknown → Fix Released |
| Andreas Moog (ampelbein) wrote | #5 |
| Changed in seahorse-plugins: | |
| status: | Fix Committed → Fix Released |
| Changed in seahorse-plugins: | |
| importance: | Unknown → High |
I confirm the described issue. Encrypted/decrypted texts from gedit are logged in plaintext to the ~/.xsession-errors log. This is really unwanted behaviour.