PT-2009-5602 · Gnome+1 · Nautilus+1
Pedro Villavicencio · Published 2009-09-22 · Updated 2024-02-08 · CVE-2009-3289
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
glib version 2.0
Description
The issue allows user-assisted local users to modify files of other users. This is demonstrated by using Nautilus to modify the permissions of the user home directory. The g_file_copy function sets the permissions of a target file to the permissions of a symbolic link, which has permissions set to 777.
Recommendations
For glib version 2.0, consider restricting the use of the g_file_copy function until a patch is available to prevent unintended permission changes. As a temporary workaround, avoid using Nautilus to modify file permissions to minimize the risk of exploitation.
Exploit
Fix
Incorrect Permission
Weakness Enumeration
Related Identifiers
Affected Products
Nautilus
Glib
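
The permission propagation in the Description can be reproduced with a simplified model, given here as an added example that is not GLib or Nautilus code. It copies a symbolic link and then applies the link's own mode to the copy, next to a hardened variant that never applies a link's mode. The names copy_link and mode_after_copy are hypothetical, all paths are constructed in a fresh temporary directory, and the code assumes a Linux-like system where chmod() follows symbolic links.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>

/* Simplified model (not GLib source): copy a symlink, then copy its mode
 * onto the copy. */
static int copy_link(const char *src, const char *dst, int hardened)
{
    char target[4096];
    struct stat st;
    ssize_t n = readlink(src, target, sizeof target - 1);
    if (n < 0 || lstat(src, &st) != 0) return -1;
    target[n] = '\0';
    if (symlink(target, dst) != 0) return -1;
    /* Hardened: a link's own mode (0777 on Linux) is never applied. */
    if (hardened && S_ISLNK(st.st_mode)) return 0;
    /* Flawed: chmod() follows dst, so the link's mode lands on the
     * file the link points to. */
    return chmod(dst, st.st_mode & 07777);
}

/* Returns the permission bits of the private file after the copy, or -1. */
int mode_after_copy(int hardened)
{
    char dir[] = "/tmp/symmodeXXXXXX", file[64], src[64], dst[64];
    struct stat st;
    int fd, rc = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/private", dir);   /* constructed sample file */
    snprintf(src, sizeof src, "%s/link", dir);        /* link to the sample file */
    snprintf(dst, sizeof dst, "%s/link-copy", dir);   /* copy of that link */
    fd = open(file, O_CREAT | O_WRONLY, 0600);
    if (fd >= 0 && fchmod(fd, 0600) == 0 && symlink(file, src) == 0 &&
        copy_link(src, dst, hardened) == 0 && stat(file, &st) == 0)
        rc = st.st_mode & 07777;
    if (fd >= 0) close(fd);
    unlink(dst); unlink(src); unlink(file); rmdir(dir);
    return rc;
}

int main(void)
{
    printf("flawed:   %04o\n", (unsigned)mode_after_copy(0));
    printf("hardened: %04o\n", (unsigned)mode_after_copy(1));
    return 0;
}
```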