[okular] [Bug 437672] Illegal/irrelevant file access

2021-05-28 Thread Erfan Khadem 
https://bugs.kde.org/show_bug.cgi?id=437672

--- Comment #4 from Erfan Khadem  ---
> Honestly I don't trust you have enough knowledge to be able to assure this, 
> because the only way to assure that is know what is causing the stats

I came to this conclusion because CUPS is a separate process, and I am not
tracking/limiting it. Feel free to correct me if I am wrong.

In any case, as you are suggesting that there is nothing to be worried about, I
am no longer interested in following this either.

-- 
You are receiving this mail because:
You are watching all bug changes.

[okular] [Bug 437672] Illegal/irrelevant file access

2021-05-27 Thread Erfan Khadem 
https://bugs.kde.org/show_bug.cgi?id=437672

--- Comment #2 from Erfan Khadem  ---
I would like to thank you for reviewing this report.

I can assure you that this has nothing to do with CUPS or any other third party
software. Also, you suggested that it can have something to do with the Qt
print dialog, so I should file a bug report somewhere else? I would highly
appreciate if you tell me what I should do next.

Best regards

-- 
You are receiving this mail because:
You are watching all bug changes.

[okular] [Bug 437672] New: Illegal/irrelevant file access

2021-05-25 Thread Erfan Khadem 
https://bugs.kde.org/show_bug.cgi?id=437672

Bug ID: 437672
   Summary: Illegal/irrelevant file access
   Product: okular
   Version: 1.9.3
  Platform: Ubuntu Packages
OS: Linux
Status: REPORTED
  Severity: normal
  Priority: NOR
 Component: general
  Assignee: okular-de...@kde.org
  Reporter: erfankhademe...@gmail.com
  Target Milestone: ---

Created attachment 138782
  --> https://bugs.kde.org/attachment.cgi?id=138782=edit
Firejail report

SUMMARY
I caught okular trying to access (syscall access) and open (syscall open64) my
dotfiles. I have attached the list of such operations as logged by firejail in
journal. It is worth noting that, the program tried to open only the following
four files, while it tried to access almost all of my dotfiles:

1. /home/erfan/.xinitrc
2. /home/erfan/.wget-hsts
3. /home/erfan/.gitconfig
4. /home/erfan/.vimrc

To find the exact list of files, search for "blacklist violation" in the
attachment.

I should also note that, I am using firejail's default profile for okular. by
default it restricts network access and denies any file operation outside of
/home/USER/Documents, and I found out about this weird behavior when the
application was denied such access. It is really weird if this kind of
operation is intended, as my document was in /home/erfan/Documents, so it
didn't have anything to do with my dotfiles etc.

I can reliably trigger this behavior if I do the exact same steps I described
bellow on my PC. I haven't tried this on any other distro/PC yet. So this might
very well be some malware in my PC :(

STEPS TO REPRODUCE
1. Install firejail and run okular using firejail's default profile for okular
2. Open any PDF document inside /home/USER/Documents
3. Try to print it. The access pattern should happen as soon as you hit Ctrl+P
to open printing dialog (No actual printing is required)

OBSERVED RESULT
The program tries to access files not related to printing, its configuration
and/or the document which is open.

SOFTWARE/OS VERSIONS
Ubuntu 20.04 LTS, up-to-date as of filing this report. Okular is installed from
the official repo using apt.

-- 
You are receiving this mail because:
You are watching all bug changes.