https://bugs.documentfoundation.org/show_bug.cgi?id=104992

            Bug ID: 104992
           Summary: Unintended information disclosure via Safe Mode
           Product: LibreOffice
           Version: 5.4.0.0.alpha0+ Master
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: critical
          Priority: medium
         Component: framework
          Assignee: libreoffice-bugs@lists.freedesktop.org
          Reporter: kelem...@ubuntu.com

I got a bit worried about the possibility of unintended information disclosure
via Safe Mode.

Safe Mode gives an option to create a backup of the whole user profile, which
can be uploaded to this Bugzilla.

Although the user is warned on the UI like this:
"You can also include relevant parts of your user profile in the bugreport (be
aware it might contain personal data)."

I don't think this warning alone is enough. Scrubbing the sensitive data would
be a minimum.

In a test profile I set up a master password, a CMIS service, and a mail
account for mail merge, and all their data is included in the zip, for "further
analysis". In particular I see:

<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="FilePickerPlacesNames" oor:op="fuse"><value><it>WebDAV - CENSORED</it></value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="FilePickerPlacesUrls" oor:op="fuse"><value><it>https://CENSORED.gov.hu:443/</it></value></prop></item>

<item oor:path="/org.openoffice.Office.Common/Passwords"><prop oor:name="HasMaster" oor:op="fuse"><value>true</value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Passwords"><prop oor:name="Master" oor:op="fuse"><value>nehbfmdepkkdhbfjjflielklejpgjdbdgkpnnkcjglhimnnlmjfkbbdneplcipkclg</value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Passwords/Store"><node oor:name="https_3a_2f_2fCENSORED2egov_2ehu_2f__kelemeng" oor:op="replace"><prop oor:name="Password" oor:op="fuse"><value>CENSORED</value></prop></node></item>

So an attacker can know I have access to CENSORED.gov.hu with user kelemeng.
Also my master password's hash, and the password's hash for
kelem...@censored.gov.hu.

Also bug #96672 is still not fixed, so you can have all my mail details
including the password, in plain text:

<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailAddress" oor:op="fuse"><value>kelem...@ubuntu.com</value></prop></item>
<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailDisplayName" oor:op="fuse"><value>Gabor Kelemen</value></prop></item>
<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailPassword" oor:op="fuse"><value>lofasznehogymatevagyabladerunner</value></prop></item>
<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailServer" oor:op="fuse"><value>smtp.gmail.com</value></prop></item>
<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailUserName" oor:op="fuse"><value>censo...@gmail.com</value></prop></item>

Finally my personal details from the Options - User Data panel, which I might
want to share to people I share documents with, but probably not with the whole
world:

<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="c" oor:op="fuse"><value>Hungary</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="facsimiletelephonenumber" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="fathersname" oor:op="fuse"><value></value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="givenname" oor:op="fuse"><value></value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="homephone" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="initials" oor:op="fuse"><value>GK</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="l" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="mail" oor:op="fuse"><value></value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="o" oor:op="fuse"><value>ACME INC</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="position" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="postalcode" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="sn" oor:op="fuse"><value>Gabor Kelemen</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="st" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="street" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="telephonenumber" oor:op="fuse"><value>foo</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="title" oor:op="fuse"><value>foo</value></prop></item>

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs

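Added example, not part of the report and not LibreOffice code: a scrubber for the registrymodifications.xcu inside a Safe Mode profile backup that drops the items the report shows leaking (Passwords, MailMergeWizard, UserProfile/Data, and the FilePickerPlaces* remote-server entries under Misc) while leaving ordinary settings in place. The rule list is taken from the paths quoted above and is assumed, not known, to be complete; the sample XCU fragment is constructed in the same shape as the report's excerpts; and the zip helper assumes the backup is a plain zip of the profile tree, since the entry names are not documented here.

```python
import zipfile
import xml.etree.ElementTree as ET

OOR = "http://openoffice.org/2001/registry"
ET.register_namespace("oor", OOR)  # keep the oor: prefix when serialising
PATH, NAME = f"{{{OOR}}}path", f"{{{OOR}}}name"

# Scrub rules: (config path, property name or None meaning "drop the whole item",
# sub-paths such as .../Passwords/Store included). The four areas are the ones
# the report shows; assuming the list is complete for a real profile is an assumption.
SCRUB_RULES = (
    ("/org.openoffice.Office.Common/Passwords", None),        # master hash, stored passwords
    ("/org.openoffice.Office.Writer/MailMergeWizard", None),  # SMTP account incl. plaintext password
    ("/org.openoffice.UserProfile/Data", None),               # Options > User Data
    ("/org.openoffice.Office.Common/Misc", "FilePickerPlacesNames"),  # remote places
    ("/org.openoffice.Office.Common/Misc", "FilePickerPlacesUrls"),
)


def _matches(item, rule):
    prefix, prop_name = rule
    path = item.get(PATH, "")
    if path != prefix and not path.startswith(prefix + "/"):
        return False
    if prop_name is None:
        return True
    # iter() is recursive, so a <prop> nested in <node> (the Passwords/Store layout) is seen too
    return any(p.get(NAME) == prop_name for p in item.iter("prop"))


def scrub_xcu(xml_data):
    """Return (scrubbed XML as str, list of removed oor:path values).

    Matching <item> elements are dropped outright rather than replaced by a
    placeholder: even a redacted Passwords/Store node still reveals which host
    and user name the profile holds credentials for.
    """
    root = ET.fromstring(xml_data)  # accepts str or bytes
    removed = []
    for item in list(root):
        if item.tag == "item" and any(_matches(item, r) for r in SCRUB_RULES):
            removed.append(item.get(PATH))
            root.remove(item)
    return ET.tostring(root, encoding="unicode"), removed


def scrub_backup_zip(src_path, dst_path):
    """Copy a profile backup zip, scrubbing every registrymodifications.xcu in it.
    Assumption: the backup is a plain zip of the profile tree, so any entry whose
    name ends in registrymodifications.xcu is treated as the config file."""
    removed = []
    with zipfile.ZipFile(src_path) as src, \
         zipfile.ZipFile(dst_path, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            data = src.read(info)
            if info.filename.endswith("registrymodifications.xcu"):
                text, gone = scrub_xcu(data)
                data, removed = text.encode("utf-8"), removed + gone
            dst.writestr(info.filename, data)
    return removed


# Constructed registrymodifications.xcu fragment in the shape the report shows
# (not real profile data; the XML declaration is omitted).
SAMPLE_XCU = """<oor:items xmlns:oor="http://openoffice.org/2001/registry">
<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="FilePickerPlacesUrls" oor:op="fuse"><value><it>https://webdav.example.test:443/</it></value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="UseSystemFileDialog" oor:op="fuse"><value>false</value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Passwords"><prop oor:name="Master" oor:op="fuse"><value>0123abcd</value></prop></item>
<item oor:path="/org.openoffice.Office.Common/Passwords/Store"><node oor:name="https_3a_2f_2fwebdav_2eexample_2etest_2f__alice" oor:op="replace"><prop oor:name="Password" oor:op="fuse"><value>encrypted-blob</value></prop></node></item>
<item oor:path="/org.openoffice.Office.Writer/MailMergeWizard"><prop oor:name="MailPassword" oor:op="fuse"><value>hunter2</value></prop></item>
<item oor:path="/org.openoffice.UserProfile/Data"><prop oor:name="sn" oor:op="fuse"><value>Example</value></prop></item>
<item oor:path="/org.openoffice.Setup/Product"><prop oor:name="ooSetupLastVersion" oor:op="fuse"><value>5.4</value></prop></item>
</oor:items>
"""

if __name__ == "__main__":
    cleaned, gone = scrub_xcu(SAMPLE_XCU)
    print("removed items:", *gone, sep="\n  ")
    print(cleaned)
```

Run it on the sample and the five secret-bearing items disappear while the UseSystemFileDialog and Setup/Product settings survive, which is the property a reporter wants to check before attaching the zip. Whole-item removal is deliberate: the `Passwords/Store` node name alone encodes the server and user name, so a redaction that keeps the node would still disclose the access relationship the report objects to.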