Package: apollon Version: 1.0.1-2 Severity: normal I don't know if this is a bug on Apollon or gift, sorry if I've repoted this to the wrong package.
Well, I have a desktop computer, that is shared with my family (dad, sister, etc...) and each member of my family has a different login and password at the system. So, no user has permission to read/write/view anything on other user's /home folder. The problem begins that many files that other user gets on Apollon, it goes to the shared folder of MY user, that the user hasn't permissions to do nothing! The same occurs with many files that I get with my user, many files that are downloading goes to the shared folder of other user of pc, that my user don't have any permissions to do it, and the file doesn't go to the shared folder configured in Apollon to MY user, it goes to the shared folder of OTHER USER. And, another problem related with this, is that all downloading files or downloaded files done by my user, are visible to other users when they open Apollon. I've already checked and revised all user permissions at my system, and the problem doesn't go away. So, it's very probably to be a serious vulnerability in Apollon/giFT or, less probably, a serious Kernel bug of privileges escalation. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-386 Locale: LANG=pt_BR, LC_CTYPE=pt_BR (charmap=ISO-8859-1) Versions of packages apollon depends on: ii kdelibs4 4:3.3.2-4.0.2 KDE core libraries ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi ii libaudio2 1.7-2 The Network Audio System (NAS). (s ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libfam0c102 2.7.0-6 client library to control the FAM ii libfontconfig1 2.3.1-2 generic font configuration library ii libfreetype6 2.1.7-2.3 FreeType 2 font engine, shared lib ii libgcc1 1:3.4.3-6 GCC support library ii libgift0 0.11.8.1-1 helper library for various giFT co ii libice6 4.3.0.dfsg.1-10 Inter-Client Exchange library ii libidn11 0.5.13-1.0 GNU libidn library, implementation ii libpng12-0 1.2.8rel-1 PNG library - runtime ii libqt3c102-mt 3:3.3.4-2 Qt GUI Library (Threaded runtime v ii libsm6 4.3.0.dfsg.1-12.0.1 X Window System Session Management ii libstdc++5 1:3.3.5-8 The GNU Standard C++ Library v3 ii libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li ii libxcursor1 1.1.3-1 X cursor management library ii libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte ii libxft2 2.1.2-6 FreeType-based font drawing librar ii libxrandr2 4.3.0.dfsg.1-10 X Window System Resize, Rotate and ii libxrender1 0.8.3-7 X Rendering Extension client libra ii libxt6 4.3.0.dfsg.1-10 X Toolkit Intrinsics ii xlibs 4.3.0.dfsg.1-12 X Keyboard Extension (XKB) configu ii zlib1g 1:1.2.2-3 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
