Proposing to host system-auth-agent in fdo
Carlos Perello Marin
carlos at pemas.net
Mon Oct 18 02:24:29 EEST 2004
On Sun, 2004-10-17 at 17:38 -0400, David Collier-Brown wrote:
> Carlos Garnacho <carlosg at gnome.org> wrote:
> >>I'm not saying this is an root exploit or anything, just that the actual
> >>check for authenticating which apps are allowed to start root apps isn't
> >>secure. You still have to type in the root password (unless it was
> > Ok, the program that uses the API could still be affected by LD_PRELOAD,
> > but let's suppose the next scenario:
> > Joe tries to do weird stuff, writes a .so file that replaces getuid()
> > calls to impersonate Frank and tries to run "rm -rf /", runs
> > control-center with LD_PRELOAD
> > 1) system-auth-manager will still know which is the calling user, as it
> > isn't affected by LD_PRELOAD
> > 2) system-auth-manager will check that user Joe is allowed to run the
> > "rm" command, if he isn't, the root password will be requested, and the
> > whole LD_PRELOAD won't be effective at all.
> Will Linux load an LD_PRELOAD from a non-root-owned
> directory tree for a setuid executable?
Linux will ignore LD_PRELOAD with any setuid executable.
> That's one of the checks that the "Linker Aliens" (the
> dynamic linker team at Sun, who I used to work with)
> asked to be made part of the security standard for ld.so...
> If not, what's the appropriate list to discuss **that** on?
No idea, but as I said (and others in this thread), Linux will never use
LD_PRELOAD if the executable is setuid. That could be a really BIG
security hole :-)
> --dave (former professional paranoid) c-b
Carlos Perelló Marín
Ubuntu Warty (PowerPC) => http://www.ubuntulinux.org
Linux Registered User #121232
mailto:carlos at pemas.net || mailto:carlos at gnome.org
Valencia - Spain
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.freedesktop.org/archives/xdg/attachments/20041018/c38b4a4f/attachment.pgp
More information about the xdg