Proposing to host system-auth-agent in fdo
Alexander Larsson
alexl at redhat.com
Wed Oct 13 11:17:59 EEST 2004
On Tue, 2004-10-12 at 19:05 +0200, Carlos Garnacho wrote:
> In order to avoid malicious use of the program/API, there's a list of
> applications that are allowed to use the program, this list can be only
> handled by the root user, and the package already provides 2 commands to
> install/uninstall applications in that list (ideally, this will be
> handled transparently, during make install, rpm -i, dpkg -i, ...), so
> any application using this program will be there under the root user
> consent.
I'd like to point out that the way this is handled:
static char*
get_calling_app (void)
{
pid_t ppid = 0;
char path[PATH_MAX], *link;
int length;
ppid = getppid ();
sprintf (path, "/proc/%d/exe", ppid);
link = (char *) malloc (sizeof (char) * PATH_MAX);
length = readlink (path, link, PATH_MAX);
Isn't very secure. Basically, to overcome it you only need to do:
LD_PRELOAD=/tmp/evil_code.so /usr/bin/trusted_binary
Furthermore, the /proc use is linux-only.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alla at lysator.liu.se
He's a shy dishevelled romance novelist in a wheelchair. She's a vivacious
gold-digging femme fatale who dreams of becoming Elvis. They fight crime!
More information about the xdg
mailing list