Proposing to host system-auth-agent in fdo

Alexander Larsson alexl at redhat.com
Thu Oct 14 11:31:55 EEST 2004


On Wed, 2004-10-13 at 21:01 +0200, Carlos Garnacho wrote:
> 
> I hope that this clarifies that all the important checks are done in
> the setuid program provided by the auth agent, which isn't theorically
> affected by the LD_PRELOAD stuff, and that it will only run things
> without being asked for password once the user enters the root
> password at least one time and explicitly says that he's allowed to do
> this task.

Well. LD_PRELOAD never directly affects the system-auth-agent process,
or the children it spawns. However, it does affect the user app
(control-center here), so the action in your step 3,"checks that
control-center is authorized to use it" is in fact a no-op, since it
doesn't really verify that the control-center code is running. In this
case its really evil.so thats running.

I'm not saying this is an root exploit or anything, just that the actual
check for authenticating which apps are allowed to start root apps isn't
secure. You still have to type in the root password (unless it was
cached...)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
                   alexl at redhat.com    alla at lysator.liu.se 
He's a fast talking native American senator haunted by an iconic dead American 
confidante She's a brilliant green-skinned snake charmer in the wrong place at 
the wrong time. They fight crime! 




More information about the xdg mailing list