Security hole in the gedit plugin
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
seahorse-plugins |
Fix Released
|
High
|
|||
seahorse-plugins (Ubuntu) |
Fix Released
|
Medium
|
Ubuntu Desktop Bugs |
Bug Description
Binary package hint: seahorse-plugins
gedit package: 2.24.2-0ubuntu1 (intrepid-updates)
seahorse-plugins package: 2.24.1-0ubuntu1 (intrepid)
All texts processed by the seahorse plugin for gedit are silently sent to gedit's standard output. Consequently, when gedit is launched via a launcher or the applications menu, all texts processed by the plugin, including decrypted text, are sent to the ~/.xsession-errors log file which is by default world readable.
Any other user in the system is thus able to read the decrypted text until another session is restarted and the ~/.xsession-errors file is overwritten. Moreover, the decrypted text having been written to disk, it is remotely possible to recover it with a disk analysis, depending on the circumstances, all that without the user being aware of it.
Changed in seahorse-plugins: | |
status: | Unknown → Fix Released |
Changed in seahorse-plugins: | |
importance: | Unknown → High |
I confirm the described issue. Encrypted/decrypted texts from gedit are logged in plaintext to the ~/.xsession-errors log. This is really unwanted behaviour.