Proposing to host system-auth-agent in fdo

David Collier-Brown davec-b at
Mon Oct 18 00:38:17 EEST 2004

Carlos Garnacho <carlosg at> wrote:
>>I'm not saying this is an root exploit or anything, just that the actual
>>check for authenticating which apps are allowed to start root apps isn't
>>secure. You still have to type in the root password (unless it was
> Ok, the program that uses the API could still be affected by LD_PRELOAD,
> but let's suppose the next scenario:
> Joe tries to do weird stuff, writes a .so file that replaces getuid()
> calls to impersonate Frank and tries to run "rm -rf /", runs
> control-center with LD_PRELOAD
> 1) system-auth-manager will still know which is the calling user, as it
> isn't affected by LD_PRELOAD
> 2) system-auth-manager will check that user Joe is allowed to run the
> "rm" command, if he isn't, the root password will be requested, and the
> whole LD_PRELOAD won't be effective at all. 

	Will Linux load an LD_PRELOAD from a non-root-owned
	directory tree for a setuid executable?

	That's one of the checks that the "Linker Aliens" (the
	dynamic linker team at Sun, who I used to work with)
	asked to be made part of the security standard for

	If not, what's the appropriate list to discuss **that** on?

--dave (former professional paranoid) c-b
David Collier-Brown,         | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at           |                      -- Mark Twain

More information about the xdg mailing list