Mailinglist Archive: opensuse-bugs (9718 mails)
| < Previous | Next > |
[Bug 342683] New: konqueror ignores umask when copying files
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Mon, 19 Nov 2007 04:33:15 -0700 (MST)
- Message-id: <bug-342683-21960@xxxxxxxxxxxxxxxxxxxxxxxxx/>
https://bugzilla.novell.com/show_bug.cgi?id=342683
Summary: konqueror ignores umask when copying files
Product: openSUSE 10.2
Version: Final
Platform: x86-64
OS/Version: openSUSE 10.2
Status: NEW
Severity: Normal
Priority: P5 - None
Component: KDE
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: R.Vickers@xxxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
I work on a shared system, and therefore always run with a umask of 077. I was
alarmed to discover that Konqueror appears to ignore this umask when copying
files, thus creating a security exposure.
To reproduce:
$ umask 077
$ touch junk1
$ chmod a+r junk1
$ konqueror &
Navigate to junk1, then use right-click to copy it to junk2
$ ls -l junk*
The example above may not look like a security exposure, but the same thing
happens if the file being copied is on a password-protected SMB share. Products
such as cp, tar and scp honour the umask unless told not to.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Summary: konqueror ignores umask when copying files
Product: openSUSE 10.2
Version: Final
Platform: x86-64
OS/Version: openSUSE 10.2
Status: NEW
Severity: Normal
Priority: P5 - None
Component: KDE
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: R.Vickers@xxxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
I work on a shared system, and therefore always run with a umask of 077. I was
alarmed to discover that Konqueror appears to ignore this umask when copying
files, thus creating a security exposure.
To reproduce:
$ umask 077
$ touch junk1
$ chmod a+r junk1
$ konqueror &
Navigate to junk1, then use right-click to copy it to junk2
$ ls -l junk*
The example above may not look like a security exposure, but the same thing
happens if the file being copied is on a password-protected SMB share. Products
such as cp, tar and scp honour the umask unless told not to.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |