*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge
(jdstrand):
Binary package hint: nautilus
$ ls -l
total 8
lrwxrwxrwx 1 louis louis 30 2008-11-21 19:17 Link to test-file ->
/home/louis/tmp/test/test-file
-rw-r--r-- 1 louis louis 6107 2008-11-15 22:16 test-file
$
$ # after copy and paste in nautilus
$ ls -l
total 8
lrwxrwxrwx 1 louis louis 30 2008-11-21 19:17 Link to test-file ->
/home/louis/tmp/test/test-file
lrwxrwxrwx 1 louis louis 30 2008-11-21 19:19 Link to test-file (copy) ->
/home/louis/tmp/test/test-file
-rwxrwxrwx 1 louis louis 6107 2008-11-21 19:17 test-file
$
$ nautilus --version
GNOME nautilus 2.22.5.1
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 8.04.1
Release: 8.04
Codename: hardy
I consider this a serious security problem.
Louis Jean-Richard
** Affects: nautilus (Ubuntu)
Importance: Undecided
Status: New
--
cut and paste of link alters permissions of linked file.
https://bugs.launchpad.net/bugs/300777
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
