Conda Constructor Excessive Permissions Vulnerability During Installation

Vulnerability

A vulnerability in Conda Constructor versions prior to 3.13.0 allows excessive permissions to be granted during the installation process. The installation directory inherits permissions from its parent, which can be very permissive and allow write access to authenticated users. This issue creates a local attack vector if the installation occurs in a directory accessible to local users. For single-user installations in shared directories, these permissions persist after installation.

Impact

The vulnerability allows any logged-in user to modify files in the installation directory during the installation process, potentially leading to unauthorized changes or the introduction of malicious files. In single-user installations on shared drives, these excessive permissions remain after the installation is complete.

Remediation

The vulnerability has been patched in Conda Constructor version 3.13.0. In this version, the installation process has been updated to remove write access for users, except for the installing user in single-user installations.
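
A check an administrator can run against an existing installation, added here as an example and not taken from the Conda Constructor project. It assumes a Windows host with NTFS ACLs, treats the well-known groups Everyone, Authenticated Users and BUILTIN\Users as "any logged-in user", and uses a hypothetical function name (Get-BroadWriteAce) and a hypothetical install path:

```powershell
# Added example: list ACEs that let broad groups write to an install directory.
# Assumption: Windows/NTFS; these well-known SIDs stand in for "any logged-in user".
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that allow creating, changing, deleting or re-permissioning files.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Inherited ACEs can carry raw generic bits instead of named rights.
$GenericWrite = 0x40000000
$GenericAll   = 0x10000000

function Get-BroadWriteAce {
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        try {
            $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
        } catch { continue }   # unresolvable account, so not one of the broad groups
        if (-not $BroadSids.ContainsKey($sid)) { continue }

        $rights = [int]$ace.FileSystemRights
        $canWrite = (($rights -band $WriteMask) -ne 0) -or
                    (($rights -band $GenericWrite) -ne 0) -or
                    (($rights -band $GenericAll) -ne 0)
        if (-not $canWrite) { continue }

        [pscustomobject]@{
            Path        = $Path
            Group       = $BroadSids[$sid]
            Rights      = $ace.FileSystemRights
            Inherited   = $ace.IsInherited   # True: the entry came from the parent directory
            # InheritOnly entries apply to items created inside, not to the directory itself.
            InheritOnly = $ace.PropagationFlags.HasFlag([System.Security.AccessControl.PropagationFlags]::InheritOnly)
        }
    }
}

# Hypothetical path: check the install directory and the parent it inherited from.
$InstallDir = 'C:\Shared\miniconda3'
$InstallDir, (Split-Path -Parent $InstallDir) | Where-Object { Test-Path -LiteralPath $_ } |
    ForEach-Object { Get-BroadWriteAce -Path $_ } | Format-Table -AutoSize
```

Rows with Inherited set to True on the install directory indicate write access that came from the parent rather than from an explicit grant.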

Added: Nov 7, 2025, 6:18 AM
Updated: Nov 7, 2025, 6:18 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.0
remediation: 7.7
relevance: 0.9
threat: 3.2
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.