gufw-developers team mailing list archive

[Bug 1410839] Re: Shell Command injection in ufw_backend.py


My default language is German.
I have 4 files in /etc/gufw/

gufw.cfg
Öffentlich.profile
Office.profile
Zu_Hause.profile

Öffentlich means "Public" in German.
Zu_Hause means "At Home" in German.
By the way ... "Office.profile" should have the name "Büro.profile".


I think the problem is that os.rename cannot rename a file that no longer exists because it has already been renamed.
There should be an "if the file Public.profile exists, then rename it" check in the code before renaming it at all.

-----

Meanwhile I commented out the renaming stuff and gufw starts normally,
so I was able to test whether the shell command injection problem is still there or not.

The code seems to be OK now .... great!

-- 
You received this bug notification because you are a member of Gufw
Developers, which is subscribed to Gufw.
https://bugs.launchpad.net/bugs/1410839

Title:
  Shell Command injection in ufw_backend.py

Status in Gufw:
  Fix Committed

Bug description:
  Firewall administrators can be tricked by someone into exporting a profile
  with Gufw to a specially crafted file or path name which contains shell
  code.

  The reason is this line in ufw_backend.py:

  def export_profile(self, profile, file):
      commands.getstatusoutput('cp /etc/gufw/' + profile + '.profile ' + file + ' ; chmod 777 ' + file)

  The rename and delete functions are also unsafe if the profile name
  contains shell code, like semicolons.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gui-ufw/+bug/1410839/+subscriptions
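The two points raised in this thread, the shell-concatenated export in the bug description and the unconditional rename that crashes on the second start, can both be addressed without ever handing a file name to a shell. The following is an added example written for this archive page, not Gufw's own code: it reimplements export_profile with library calls instead of commands.getstatusoutput, and adds a rename helper that performs the "rename only if the source exists" check the commenter asks for. The function names, the 0o644 mode, the profile-name validation rule and the temporary directory standing in for /etc/gufw are all assumptions of this example.

```python
import os
import shutil
import stat
import tempfile


def validate_profile_name(profile):
    """Accept only simple profile names (assumed rule, not from Gufw).

    Profiles live directly under the config directory, so a name may not be
    empty, may not be '.' or '..', and may not contain a path separator or
    NUL; this stops a crafted name from escaping /etc/gufw.
    """
    if not profile or profile in (".", "..") or "/" in profile or "\0" in profile:
        raise ValueError("invalid profile name: %r" % (profile,))
    return profile


def export_profile(profile, dest, config_dir="/etc/gufw"):
    """Hardened counterpart of the concatenated 'cp ... ; chmod 777' line.

    The copy and the mode change are done with library calls, so neither the
    profile name nor the destination is ever parsed by a shell: a name
    containing ';' is just an unusual file name.  Returns the path written.
    """
    src = os.path.join(config_dir, validate_profile_name(profile) + ".profile")
    shutil.copyfile(src, dest)
    # Readable by everyone (what the original 777 wanted), but not
    # world-writable or executable.
    os.chmod(dest, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH)
    return dest


def rename_profile_if_present(old, new, config_dir="/etc/gufw"):
    """Rename <old>.profile to <new>.profile only when that is possible.

    A second start after a successful migration finds no source file, and a
    localized install may already have the target; both cases return False
    instead of raising from os.rename.  Returns True when a rename happened.
    """
    src = os.path.join(config_dir, validate_profile_name(old) + ".profile")
    dst = os.path.join(config_dir, validate_profile_name(new) + ".profile")
    if not os.path.isfile(src) or os.path.exists(dst):
        return False
    os.rename(src, dst)
    return True


def demo():
    """Run both helpers against a constructed temp dir standing in for /etc/gufw."""
    tmp = tempfile.mkdtemp()
    cfg = os.path.join(tmp, "gufw")
    os.mkdir(cfg)
    with open(os.path.join(cfg, "Home.profile"), "w") as fh:
        fh.write("[fwBasic]\nstatus = enabled\n")   # constructed profile content

    # First start on a German system: Home.profile -> Zu_Hause.profile.
    first = rename_profile_if_present("Home", "Zu_Hause", cfg)
    # Second start: Home.profile is gone, so nothing happens and nothing crashes.
    second = rename_profile_if_present("Home", "Zu_Hause", cfg)

    # Export to a destination whose name contains a semicolon: with no shell
    # involved it is created literally, as one file with that exact name.
    dest = os.path.join(tmp, "backup; echo injected")
    export_profile("Zu_Hause", dest, config_dir=cfg)
    exported_literally = os.path.isfile(dest)
    mode = stat.S_IMODE(os.stat(dest).st_mode)

    # A profile name with a path separator is rejected before any file access.
    try:
        export_profile("../passwd", os.path.join(tmp, "x"), config_dir=cfg)
        rejected = False
    except ValueError:
        rejected = True

    shutil.rmtree(tmp)
    return {"first": first, "second": second,
            "exported_literally": exported_literally,
            "mode": mode, "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

The design choice is to remove the shell entirely rather than to quote arguments for it: once the copy and chmod are plain library calls there is no command string for a crafted name to alter, and the existence check in the rename helper makes the locale migration idempotent, so commenting it out is no longer needed.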
