Описание
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
It was found that the system umask policy is not being honored when creating XDG user directories (~/Desktop etc) on first login. This could lead to user's files being inadvertently exposed to other local users.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | xdg-user-dirs | Will not fix | ||
| Red Hat Enterprise Linux 7 | xdg-user-dirs | Fixed | RHSA-2018:0842 | 10.04.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
It was found that system umask policy is not being honored when creati ...
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
ELSA-2018-0842: xdg-user-dirs security and bug fix update (LOW)
EPSS
3.3 Low
CVSS3