Good to have it fixed in trunk. Could you also post a news item to inform users about the issue. Users should be advised to only join remote games that are hosted by people they trust. I initially marked this as security vulneralibility, so this bug has limited visibility.
-- You received this bug notification because you are a member of Widelands Developers, which is a direct subscriber. https://bugs.launchpad.net/bugs/724344 Title: Security issue in sending files in network game Status in Widelands: Fix Committed Bug description: Network games have capability to send savegames and maps over network. Receiving player first checks if the file exists, and if it exists, existing file is renamed before new file is received. Handling of the received file is not secure as FileSystem classes support using ".." in path to go out of filesystem root. For example sending a file name like "../.bashrc" allows some nasty things to happen. To fix this issue either FileSystem code should enforce that file accesses stay within created file system's root. Alternatively paths coming from network should be validated and "..", "~" and "/" accesses should be filtered out. Perhaps it's wise to implement both. _______________________________________________ Mailing list: https://launchpad.net/~widelands-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~widelands-dev More help : https://help.launchpad.net/ListHelp
