Bug #331 - Don't create a /tmp/root directory insecurely

When finding the user's home directory to generate a subdirectory in $HOME/.config, we would
fall back to /tmp if there were no environment variables for HOME or XDG_CONFIG_HOME.

Since libimobiledevice gets used by upower, and since upowerd runs as root, this would cause
a /tmp/root directory to be created insecurely, leaving upowerd vulnerable to a symlink attack.

Now we fall back to getpwuid_r() to find the user's home directory if it is not provided
in environment variables - this is the case when upowerd gets run via systemd, for example.
The result is that we'll end up creating /root/.config, a safe directory, since regular
users cannot create symlinks in /root.

In the future we'll need a way for libimobiledevice to find where to store its pairing data
on behalf of the console user, rather than writing it to /root.

http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use

0 files changed, 0 insertions, 0 deletions