Bug 20444

Summary: Themes try to use files in /home/raster
Product: [Retired] Red Hat Linux Reporter: Trond Eivind Glomsrxd <teg>
Component: gtk-enginesAssignee: Owen Taylor <otaylor>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: nalin
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-11-07 15:40:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Trond Eivind Glomsrxd 2000-11-06 23:27:40 UTC 
Some themes try to access files in /home/raster:

[teg@halden themes]$ find -type f |xargs grep /home/raster
./BeCool/gtk/gtkrc:#module_path ".:/home/raster/themes"
./Gradient/gtk/gtkrc:#module_path ".:/home/raster/themes"
./Notif/gtk/gtkrc:#module_path ".:/home/raster/themes"
./Notif/gtk/gtkrc:pixmap_path ".:/home/raster/themes"
./Pixmap/gtk/gtkrc:#module_path ".:/home/raster/themes"
./Redmond95/gtk/gtkrc:#module_path ".:/home/raster/themes"
./Redmond95/gtk/gtkrc:pixmap_path ".:/home/raster/themes"
[teg@halden themes]$

I discovered this when my computer tried mounting that directory...
Nalin, being the paranoid security guy he is, wonders if this means someone
owning that directory could explot this securitywise...
Comment 1 Owen Taylor 2001-01-17 19:33:37 UTC 
Fixed in gtk-engines-0.10-11.

I don't believe there is a real security issue:

 a) The attacker would have to own /home/raster, which probably means
    they are root.

 b) There would have to be an exploitable buffer overflow in libjpeg
    or libpng, which would be a bigger problem for other reasons.
    (like email attachments)