summaryrefslogtreecommitdiffstats
path: root/src/mobilesync.c
diff options
context:
space:
mode:
authorGravatar Federico Mena Quintero2013-07-02 13:38:36 -0500
committerGravatar Federico Mena Quintero2013-07-02 20:31:45 -0500
commita2ddca0916ef776dbd0c6304ea36b4ca7a35302c (patch)
treed744dbf3df01d57a6fea739181fa525d8ea2e97f /src/mobilesync.c
parent42892465d4522cf19283b8a06bf48104bb387430 (diff)
downloadlibimobiledevice-a2ddca0916ef776dbd0c6304ea36b4ca7a35302c.tar.gz
libimobiledevice-a2ddca0916ef776dbd0c6304ea36b4ca7a35302c.tar.bz2
Bug #331 - Don't create a /tmp/root directory insecurely
When finding the user's home directory to generate a subdirectory in $HOME/.config, we would fall back to /tmp if there were no environment variables for HOME or XDG_CONFIG_HOME. Since libimobiledevice gets used by upower, and since upowerd runs as root, this would cause a /tmp/root directory to be created insecurely, leaving upowerd vulnerable to a symlink attack. Now we fall back to getpwuid_r() to find the user's home directory if it is not provided in environment variables - this is the case when upowerd gets run via systemd, for example. The result is that we'll end up creating /root/.config, a safe directory, since regular users cannot create symlinks in /root. In the future we'll need a way for libimobiledevice to find where to store its pairing data on behalf of the console user, rather than writing it to /root. http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use
Diffstat (limited to 'src/mobilesync.c')
0 files changed, 0 insertions, 0 deletions