F-01 — Cross-tenant file disclosure via shared /tmp on alwaysdata SSH host `ssh1` METADATA-ONLY scope evidence. Collected 2026-07-02. IMPORTANT ETHICS NOTE ===================== The ONLY file content read during this research was the researcher's own canary file, written by Account A (steve-william) and read by Account B (test-domain) — both accounts owned by the researcher. Everything below about OTHER customers is METADATA ONLY: filename, owner, mode, size, and the readability bit from `[ -r "$f" ]`. No third-party file CONTENT was read, exfiltrated, or retained, per the program's "do not exfiltrate / do not retain sensitive information" rule. HOST / KERNEL ============= Physical SSH host : ssh1 Kernel : 6.18.30-alwaysdata Reached via : ssh-.alwaysdata.net Account A (writer) : ssh-steve-william.alwaysdata.net slug steve-william uid 530469 -> ssh1 Account B (reader) : ssh-test-domain.alwaysdata.net slug test-domain uid 530478 -> ssh1 (Account B is a DIFFERENT customer / UID from Account A) ISOLATION BOUNDARIES THAT ARE INTACT (narrows finding to /tmp only) =================================================================== /home directory : mode 711 -> cannot be listed per-account home : mode 770 -> NOT readable by other accounts (home isolation OK) 882 account home directories present on ssh1 (from `ls /home | wc -l` count only) process isolation : hidepid in effect -> an account sees only its own processes /proc environ leak : 0 (no cross-account /proc//environ leakage) THE BROKEN BOUNDARY — SHARED /tmp ================================= /tmp mode : drwxrwxrwt (1777) — shared by ALL accounts, NOT polyinstantiated platform umask : 0022 (observed from Account B: `umask` -> 0022) new-file mode : a freshly created /tmp file lands mode 644 (world-readable) e.g. Account B's own new /tmp file: owner test-domain mode 644 /tmp population at test time: total files : 203 distinct owners : 48 Readability of OTHER tenants' /tmp files, from Account B (verified via `[ -r "$f" ]` — a permission test, NOT a content read): READABLE files : 65 distinct OTHER live customer accounts owning those readable files : 12 Owner breakdown of the 65 readable files (owner -> file count where noted): clariback 20 attatcn 19 storioscope_ssh 11 dhiaa_Admin 5 lycotech (readable) yes (readable) xtn (readable) orbitechmaintanance (readable) nerudaarchives_codex (readable) indio (readable) ( + additional owners rounding out the 12 distinct accounts / 65 files ) CANARY PROOF (researcher-owned, cross-tenant read) ================================================== Step 1 (as Account A, steve-william, uid 530469): echo "CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS :: written by account steve-william(A) at uid=530469" \ > /tmp/CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS.txt chmod 644 /tmp/CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS.txt -> file created: owner steve-william, mode 644 Step 2 (as Account B, test-domain, uid 530478 — different tenant): stat /tmp/CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS.txt -> owner=steve-william mode=644 (B sees a file it does not own) cat /tmp/CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS.txt -> "CANARY_A_secret_9f2b7c1e_ONLY_A_WROTE_THIS :: written by account steve-william(A) at Thu Jul 2 12:45:53 UTC 2026 uid=530469" => Account B read Account A's file across the tenant boundary. CONFIRMED. /tmp LISTING SAMPLE — filenames + owners + perms ONLY (no content read) ====================================================================== Sensitive filename CLASSES observed on other tenants (metadata only): owner attatcn: -rw-r--r-- attatcn inject_config.py (config script) owner storioscope_ssh: -rw-r--r-- storioscope_ssh storioscope-security-*.tgz (~41-108 KB source archive) -rw-r--r-- storioscope_ssh storioscope-pre-security-*.tgz (source archive) owner nerudaarchives_codex: -rw-r--r-- nerudaarchives_codex omeka_db_env_2388891 (database env file) owner benech: -rw-r--r-- benech att_fin_798.pdf (financial PDF) -rw-r--r-- benech att_fin_839.pdf (financial PDF) owner avioeroon: -rw-r--r-- avioeroon bitcoin-local-backup-* (crypto wallet backup) -rw-r--r-- avioeroon bitcoin-next.log (crypto log) NOTE: all lines above are `ls -l` / `stat` metadata (name, owner, mode, size). No byte of any of these third-party files was ever read or stored. ESCALATION (identified, NOT exploited against real victims) =========================================================== A world-readable DB `.env` / config file in /tmp would yield DB credentials. alwaysdata DB endpoints are remotely reachable: mysql-.alwaysdata.net:3306 postgresql-.alwaysdata.net:5432 => passive /tmp read could pivot into another tenant's database. This escalation was NOT performed against any real victim. PRIOR ART CHECK =============== Not present in the public Flyspray tracker (FS#333–362).