[pulseaudio-tickets] [PulseAudio] #215: Pulse + su + autospawn = root perms on /tmp/pulse-$USER
PulseAudio
trac-noreply at tango.0pointer.de
Sat Jan 12 06:29:33 PST 2008
#215: Pulse + su + autospawn = root perms on /tmp/pulse-$USER
---------------------+------------------------------------------------------
Reporter: coling | Owner: lennart
Type: defect | Status: new
Priority: normal | Milestone:
Component: daemon | Severity: normal
Resolution: | Keywords:
---------------------+------------------------------------------------------
Comment (by coling):
I think that this issue stems from the output of the function
pa_get_user_name in [source:trunk/src/pulse/util.c@#L67]. On my system
when I do a plain {{{su}}} $USER == my original username, not "root".
I've confirmed this via a small test app:
{{{
#!c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
int main()
{
uid_t uid = getuid();
gid_t gid = getgid();
printf("%d - %d\n", uid, gid);
char *p;
if (!(p = getenv("USER")) && !(p = getenv("LOGNAME")) && !(p =
getenv("USERNAME")))
{
printf("Not got env....\n");
}
else
{
printf("Found %s from env\n", p);
}
return 0;
}
}}}
This produces the following output:
{{{
[colin at jimmy pulseaudio]$ g++ -o test test.c
[colin at jimmy pulseaudio]$ ./test
603 - 603
Found colin from env
[colin at jimmy pulseaudio]$ su
Password:
[root at jimmy pulseaudio]# ./test
0 - 0
Found colin from env
[root at jimmy pulseaudio]# exit
[colin at jimmy pulseaudio]$ sudo -s
[root at jimmy pulseaudio]# ./test
0 - 0
Found root from env
[root at jimmy pulseaudio]# exit
[colin at jimmy pulseaudio]$ pwd
/home/colin/Development/Personal/Checkouts/pulseaudio
[colin at jimmy pulseaudio]$ su -
Password:
[root at jimmy ~]# cd /home/colin/Development/Personal/Checkouts/pulseaudio
[root at jimmy pulseaudio]# ./test
0 - 0
Found root from env
[colin at jimmy pulseaudio]$ sudo -i
[root at jimmy ~]# cd /home/colin/Development/Personal/Checkouts/pulseaudio
[root at jimmy pulseaudio]# ./test
0 - 0
Found root from env
}}}
As can be seen from the above, {{{su}}} is the only one of the four
commands that does not set $USER to "root".
I have tested this on a Mandriva Cooker system and on a CentOS 5 system
with the same results. I've yet to try on any other distros.
Col
--
Ticket URL: <http://www.pulseaudio.org/ticket/215#comment:2>
PulseAudio <http://pulseaudio.org/>
The PulseAudio Sound Server
More information about the pulseaudio-bugs
mailing list