qrexec stderr pipes in /tmp are unsafe if there are low-privileged users #9097

DemiMarie · 2024-04-07T21:02:45Z

How to file a helpful issue

Qubes OS release

R4.2 but this problem predates R4.1

Brief summary

qrexec creates pipes in /tmp, but that isn’t safe because the names are predictable.

Steps to reproduce

Inspect /tmp on a running system.

Expected behavior

No named pipes with predictable names.

Actual behavior

Named pipes with predictable names.

The text was updated successfully, but these errors were encountered:

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie self-assigned this Apr 7, 2024

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 7, 2024

Avoid using /tmp for qrexec return pipes

9b0691c

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 7, 2024

Avoid using /tmp for qrexec return pipes

985a3ae

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie mentioned this issue Apr 7, 2024

Various bugfixes QubesOS/qubes-core-qrexec#139

Merged

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 8, 2024

Avoid using /tmp for qrexec return pipes

6787a57

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 9, 2024

Avoid using /tmp for qrexec return pipes

aaba8dc

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 9, 2024

Avoid using /tmp for qrexec return pipes

ac9c9a4

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

DemiMarie added a commit to DemiMarie/qubes-core-qrexec that referenced this issue Apr 9, 2024

Avoid using /tmp for qrexec return pipes

47978ac

This avoids a privilege escalation from unprivileged users (not in the "qubes" group). Fixes: QubesOS/qubes-issues#9097

marmarek closed this as completed in QubesOS/qubes-core-qrexec#139 Apr 11, 2024

This was referenced May 9, 2024

core-qrexec v4.2.19 (r4.3) QubesOS/updates-status#4677

Closed

core-qrexec v4.2.19 (r4.2) QubesOS/updates-status#4681

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

qrexec stderr pipes in /tmp are unsafe if there are low-privileged users #9097

qrexec stderr pipes in /tmp are unsafe if there are low-privileged users #9097

DemiMarie commented Apr 7, 2024

qrexec stderr pipes in /tmp are unsafe if there are low-privileged users #9097

qrexec stderr pipes in /tmp are unsafe if there are low-privileged users #9097

Comments

DemiMarie commented Apr 7, 2024

Qubes OS release

Brief summary

Steps to reproduce

Expected behavior

Actual behavior