Jakub Wilk
2012-Feb-09 23:05 UTC
[Secure-testing-team] Bug#659296: surf: world-readable cookie jar
Package: surf
Version: 0.4.1-4.1
Severity: grave
Tags: security
Justification: user security hole

$ ls -ld ~/.surf/{,cookies.txt}
drwxr-xr-x 2 user users 4096 Feb 9 22:59 /home/user/.surf/
-rw-r--r-- 1 user users 406 Feb 9 22:59 /home/user/.surf/cookies.txt

This allows local users to steal cookies.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages surf depends on:
ii libatk1.0-0 2.2.0-2
ii libc6 2.13-26
ii libcairo2 1.10.2-6.2
ii libfontconfig1 2.8.0-3.1
ii libfreetype6 2.4.8-1
ii libgdk-pixbuf2.0-0 2.24.0-2
ii libglib2.0-0 2.30.2-6
ii libgtk2.0-0 2.24.8-3
ii libpango1.0-0 1.29.4-2
ii libsoup2.4-1 2.34.3-1
ii libwebkitgtk-1.0-0 1.6.1-5+b1
ii libx11-6 2:1.4.4-4
ii suckless-tools 38-1
ii wget 1.13.4-2
ii x11-utils 7.6+4
ii xterm 276-2

--
Jakub Wilk
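
Added example, not part of the original report and not surf's own code: a C sketch of the check and the mitigation for the modes shown in the ls output above. It reproduces 0755/0644 in a scratch directory, then creates the jar owner-only regardless of umask. The function names and the /tmp path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if group or others have any access to path, 0 if owner-only, -1 on error. */
int is_exposed(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) ? 1 : 0;
}

/* Open (creating if needed) a file as owner-only, independent of umask.
 * fchmod also tightens a file left behind with a looser mode. */
int open_private(const char *path) {
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) { close(fd); return -1; }
    return fd;
}

/* Constructed scenario: recreate the reported modes in a scratch directory,
 * then tighten them. Returns 0 when the before/after states are as expected. */
int demo(void) {
    char dir[] = "/tmp/cookiejar-demo-XXXXXX";      /* constructed path */
    char jar[sizeof dir + 16];
    if (!mkdtemp(dir)) return -1;
    snprintf(jar, sizeof jar, "%s/cookies.txt", dir);

    mode_t old = umask(022);
    int fd = open(jar, O_WRONLY | O_CREAT, 0666);   /* 0644 after umask, as reported */
    umask(old);
    if (fd < 0) return -1;
    close(fd);
    chmod(dir, 0755);                               /* directory mode as reported */
    int before = is_exposed(jar) == 1 && is_exposed(dir) == 1;

    fd = open_private(jar);                         /* existing file is tightened */
    if (fd < 0) return -1;
    close(fd);
    chmod(dir, 0700);
    int after = is_exposed(jar) == 0 && is_exposed(dir) == 0;

    unlink(jar);
    rmdir(dir);
    return (before && after) ? 0 : 1;
}

int main(void) { return demo(); }
```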