
Potential manipulation of GUI displayed for budgie-extras budgie-dropby applet

Moderate
fossfreedom published GHSA-27g2-7x65-3cc5 Dec 14, 2023

Package

budgie-dropby (python)

Affected versions

> 1.4

Patched versions

v1.7.1

Description

Impact

Data used by the dropby applet is stored in a host system location that is accessible to any user who has local access to the system.

The data file format is easily guessable; this potentially allows a local attacker to pre-create this file and control whether to display or close the dropby window. This can confuse the end-user.

A denial of service is also possible, e.g. by placing a FIFO at that path. Since the applet runs in the same thread as the budgie panel, crashing the applet can crash the entire panel.

Patches

The fix is included in patch release v1.7.1.

Workarounds

This issue can be mitigated if there is only one user account on the system and by limiting other users' physical access to the host system.
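As an added illustration of the defensive pattern implied by the impact and workaround sections above (example code written for this page, not the budgie-dropby applet's own code), the following opens a per-user state file without following symlinks or blocking on a FIFO, and checks the object it actually opened before trusting it. The names safe_open_state_file, accepts and demo are assumptions of this example, and it assumes a POSIX system.

```python
import os
import stat
import tempfile

# Assumed helper names (not from budgie-dropby): safe_open_state_file, accepts, demo.

def safe_open_state_file(path: str, mode: int = 0o600) -> int:
    """Open a per-user state file, refusing anything another local user may have planted.

    O_NOFOLLOW rejects symlinks, O_NONBLOCK stops a FIFO from hanging the caller,
    and the post-open fstat() checks reject non-regular files, files owned by
    someone else, and files readable or writable by other users.
    Returns an open file descriptor; raises OSError otherwise (POSIX only).
    """
    flags = os.O_RDWR | os.O_CREAT | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_NOCTTY
    fd = os.open(path, flags, mode)
    try:
        st = os.fstat(fd)  # inspect the object we opened, not a path that may change
        if not stat.S_ISREG(st.st_mode):
            raise OSError(f"{path}: not a regular file (possible FIFO/device)")
        if st.st_uid != os.getuid():
            raise OSError(f"{path}: owned by uid {st.st_uid}, not the current user")
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise OSError(f"{path}: permissions allow access by other users")
    except BaseException:
        os.close(fd)
        raise
    return fd


def accepts(path: str) -> bool:
    """True if safe_open_state_file() accepts the object at path, else False."""
    try:
        fd = safe_open_state_file(path)
    except OSError:
        return False
    os.close(fd)
    return True


def demo() -> dict:
    """Constructed scenario: a fresh regular file, a planted FIFO and a planted symlink."""
    d = tempfile.mkdtemp(prefix="dropby-example-")  # private 0700 per-user directory
    regular = os.path.join(d, "state.json")
    fifo = os.path.join(d, "planted-fifo")
    link = os.path.join(d, "planted-link")
    os.mkfifo(fifo)
    os.symlink(regular, link)
    return {"regular": accepts(regular), "fifo": accepts(fifo), "symlink": accepts(link)}


if __name__ == "__main__":
    print(demo())  # {'regular': True, 'fifo': False, 'symlink': False}
```

Storing the file under a private per-user directory (as mkdtemp does here) removes the shared, guessable location; the open-time checks are the second layer in case the path is ever shared again.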

References

None.

Severity

Moderate 5.2 / 10

CVSS base metrics

Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: None
Scope: Changed
Confidentiality: Low
Integrity: None
Availability: Low

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L

CVE ID

CVE-2023-49343

Weaknesses

No CWEs

Credits