The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome glib 2.0 |
||
opensuse opensuse 11.1 |
||
opensuse opensuse 11.0 |
||
suse suse linux enterprise server 11 |