Proposing to host system-auth-agent in fdo
Alexander Larsson
alexl at redhat.com
Mon Oct 18 10:06:32 EEST 2004
On Sat, 2004-10-16 at 20:48 +0200, Carlos Garnacho wrote:
> Ok, the program that uses the API could still be affected by LD_PRELOAD,
> but let's suppose the next scenario:
>
> Joe tries to do weird stuff, writes a .so file that replaces getuid()
> calls to impersonate Frank and tries to run "rm -rf /", runs
> control-center with LD_PRELOAD
>
> 1) system-auth-manager will still know which is the calling user, as it
> isn't affected by LD_PRELOAD
>
> 2) system-auth-manager will check that user Joe is allowed to run the
> "rm" command, if he isn't, the root password will be requested, and the
> whole LD_PRELOAD won't be effective at all.
So, you're agreeing that the binary-name check doesn't help much? (Since
you brought up the uid check instead.)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alla at lysator.liu.se
He's an old-fashioned one-eyed grifter looking for a cure to the poison
coursing through his veins. She's a mentally unstable hypochondriac Hell's
Angel with a knack for trouble. They fight crime!