
[Solved] 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 3:54 pm
by catch22
After upgrading to Mint 18.2 I was curious to try the guest account that's available automatically.
A nice feature - but to my surprise, in that account it was possible to go to some files in /home/pc_owner/pictures and also in /home/pc_owner/downloads.

Isn't the home of the pc-owner supposed to be protected from access 100 %?

It's no major issue for me - just curious to learn more :-)

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 4:20 pm
by JerryF
Check the permissions on your folders and files.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 4:47 pm
by Cosmo.
catch22 wrote:Isn't the home of the pc-owner supposed to be protected from access 100 %?
Yes, this should not be possible. Also I cannot reproduce it.

Please describe the exact steps, which brought you to the main account.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 5:08 pm
by catch22
Cosmo. wrote:Please describe the exact steps, which brought you to the main account.
Simply in Nemo I went to /home/myaccount/ and started trying if it was foolproof.
The Dropbox and most other folders were secure - permission denied - but Documents let me have access to a LibreOffice odt file.
In terminal I started mocp and could play audio files that are in the Downloads folder.
In Pictures I could see all pics there. Not much to describe - it was plain open.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 5:16 pm
by MintBean
Check the permissions on your folders and files.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 5:27 pm
by Cosmo.
In the starting post you wrote, that this is an upgraded system. How did you upgrade exactly? I ask, because the official upgrade path is only open since a few hours.

How did you install LightDM (in case of an official upgrade)?

And again: You wrote, that you went in Nemo to /home/myaccount. If I do this I get a popup, that because of missing permissions Home cannot be displayed, if I try to enter the path /home/user-name/Downloads or /home/user-name/Pictures I get the same. (Tests done with a fresh install of LM 18.2.)

So in case you have found a bug, we need a way to reproduce it.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 5:41 pm
by catch22
Cosmo. wrote:In the starting post you wrote, that this is an upgraded system. How did you upgrade exactly? I ask, because the official upgrade path is only open since a few hours.

How did you install LightDM (in case of an official upgrade)?

And again: You wrote, that you went in Nemo to /home/myaccount. If I do this I get a popup, that because of missing permissions Home cannot be displayed, if I try to enter the path /home/user-name/Downloads or /home/user-name/Pictures I get the same. (Tests done with a fresh install of LM 18.2.)

So in case you have found a bug, we need a way to reproduce it.
The upgrade was from Mint18.1 via the Update Manager.
The lightdm I installed via instructions on the blog, like so:

Code:

apt install slick-greeter lightdm-settings

Code:

apt remove mdm
Unfortunately I will have to leave you in suspense, because I have to go to bed now and won't be able to test more till Wednesday evening earliest (working day ahead :( plus evening class)

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Mon Jul 03, 2017 6:36 pm
by Cosmo.
I have in the meantime upgraded a 18.1 system to 18.2 and installed LightDM. I confirm this problem and have opened an issue about this. This problem does only exist in upgraded systems, not in fresh installs of 18.2, so it was never possible to test this during the beta phase.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 2:41 am
by laederlappen
JerryF wrote:Check the permissions on your folders and files.
MintBean wrote:Check the permissions on your folders and files.
Guest-Session has AppArmor profile.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 11:36 am
by Cosmo.
Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 11:41 am
by MintBean
laederlappen wrote:Guest-Session has AppArmor profile.
Thanks for the info. 8)

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 5:01 pm
by catch22
Cosmo. wrote:Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)
How do I disable this guest account?
When I go to Administration / Users and Groups it's not there!
I see my own account plus a guest account that I made myself previous to the upgrade.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 5:14 pm
by Pjotr
catch22 wrote:
Cosmo. wrote:Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)
How do I disable this guest account?
When I go to Administration / Users and Groups it's not there!
I see my own account plus a guest account that I made myself previous to the upgrade.
Menu - Administration - Login Window

Set the switch to OFF for: Allow guest sessions

Reboot.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 5:23 pm
by catch22
Pjotr wrote: Menu - Administration - Login Window

Set the switch to OFF for: Allow guest sessions

Reboot.
Thanks :!:

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 6:12 pm
by Pjotr
Cosmo. wrote:Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)
Maybe this could be a workaround, until there's a fix? In all of the other accounts:

Code:

chmod -v 700 $HOME

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 6:27 pm
by laederlappen
Pjotr wrote:
Cosmo. wrote:Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)
Maybe this could be a workaround, until there's a fix? In all of the other accounts:

Code:

chmod -v 700 $HOME
Works.
Seems like 18.2 upgrade doesn't install AppArmor profile which 18.2 iso has.

[EDIT]

After testing 18.2 upgrade and 18.2 iso in a VM, I can confirm that both versions have lightdm-guest-session AppArmor profile.
However in 18.2 upgrade, I couldn't run command aa-status because package apparmor was not installed.
Then I installed apparmor in 18.2 upgrade and after rebooting the system, the profile lightdm-guest-session gets loaded and guest-session works as intended.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 6:58 pm
by Cosmo.
Pjotr wrote:
Cosmo. wrote:Users of an upgraded 18.2 should for now not switch to LightDM or at least disable the guest account at once. This is a serious security hole in case of a local attacker. (Fresh installs of 18.2 are not affected.)
Maybe this could be a workaround, until there's a fix? In all of the other accounts:

Code:

chmod -v 700 $HOME
Correct, but in this case we don't need a guest account.

It is not the task of the users to fix a security hole, this is the task of the dev team (which did not respond in 24 hours). :shock:

@laederlappen:
Might be something in this direction. But the file /etc/apparmor.d/lightddm.guest.session does exist in both systems (the upgraded and the fresh installed) and they are identical. There are indeed some differences in /etc/apparmor and /etc/apparmor.d (which possibly should not exist), but surely not all of them are related to this bug and this makes investigating difficult. (E.g. one difference concerns Firefox, which surely has nothing to do with the guest account; but possibly another leak. I am not sure about this, but I am astonished about the difference.)

So for now I warn against switching to lightdm in an upgraded system!

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 7:10 pm
by laederlappen
@cosmo
I edited my previous post when you wrote your answer.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Tue Jul 04, 2017 7:31 pm
by Cosmo.
I confirm. apparmor is missing. This is either a bug in the upgrade mechanism or in the advice to switch to lightdm. I assume the first case.
There might be some reasons, why Clem left apparmor out in the upgrade process (like he did for lightdm), but in this case there would be the clear mistake in the instructions regarding lightdm, that also apparmor needs to get installed.

I confirm also, that after installing apparmor the guest session behaves as expected.

Re: 18.2 Sonya guest account accesses documents and pictures

Posted: Wed Jul 05, 2017 4:02 am
by Pjotr
It's not a bug in the upgrade mechanism, because that doesn't install LightDM in the first place.... It's apparently an omission in the how-to in the blog, for installing LightDM *after* the upgrade.

This is the current instruction:

Code:

apt install slick-greeter lightdm-settings
Apparently it should be:

Code:

apt install slick-greeter lightdm-settings apparmor
So I think a simple correction of the blog post announcing the availability of the upgrade path, should suffice. :)
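
Added example (not part of any post in this thread): a small shell audit of the two conditions the thread identifies, namely whether the lightdm-guest-session AppArmor profile is actually loaded in enforce mode, and which home directories are still reachable by other users. It assumes the kernel's profile list at /sys/kernel/security/apparmor/profiles and GNU stat; the function names and the PROFILES_FILE and HOME_BASE variables are made up for this illustration.

```shell
#!/bin/sh
# Added example: audit guest-session isolation as discussed in the thread.
# Assumptions: loaded profiles are listed one per line as "<name> (<mode>)"
# in securityfs, and the guest profile name contains "lightdm-guest-session".
PROFILES_FILE="${PROFILES_FILE:-/sys/kernel/security/apparmor/profiles}"
HOME_BASE="${HOME_BASE:-/home}"

# Return 0 if a loaded profile whose name contains $1 is in enforce mode.
# An unreadable list (AppArmor not installed or not root) counts as "not loaded".
profile_enforced() {
    [ -r "$PROFILES_FILE" ] || return 1
    grep -F -- "$1" "$PROFILES_FILE" | grep -q '(enforce)$'
}

# Print "<mode> <path>" for each directory directly under $HOME_BASE
# that grants any permission to "other" (last octal digit not 0).
open_homes() {
    for d in "$HOME_BASE"/*/; do
        [ -d "$d" ] || continue
        mode=$(stat -c '%a' "$d")
        case "$mode" in
            *0) ;;                                  # e.g. 700, 750: closed to others
            *)  printf '%s %s\n' "$mode" "${d%/}" ;;
        esac
    done
    return 0
}

# Report both findings; return 1 if either leaves home directories exposed
# to a guest session.
audit_guest_isolation() {
    status=0
    if profile_enforced lightdm-guest-session; then
        echo "OK: lightdm-guest-session profile is enforced"
    else
        echo "WARN: lightdm-guest-session profile not loaded, guest session is unconfined"
        status=1
    fi
    exposed=$(open_homes)
    if [ -n "$exposed" ]; then
        echo "WARN: home directories accessible to other users:"
        echo "$exposed"
        status=1
    fi
    return "$status"
}
```

Source the file and call audit_guest_isolation as root, since the kernel's profile list is normally readable only by root. The second check is stricter than the AppArmor fix alone and corresponds to the chmod 700 workaround.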