[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KDE4 Patch to allow testing/execution of uninstalled
From:       "Friedrich W. H. Kossebau" <Friedrich.W.H () kossebau ! de>
Date:       2005-08-10 13:51:28
Message-ID: 200508101551.52057.Friedrich.W.H () kossebau ! de
[Download RAW message or body]


Am Mittwoch, 10. August 2005 15:22, schrieb Hans Meine:
> On Wednesday 10 August 2005 13:50, Friedrich W. H. Kossebau wrote:
> > I know close to nothing about libtool and cannot make too much out of
> > your comment, excuse me. Is libtool only used by KDE apps or all? And
> > does this really mean that libtool enables to circumvent the cwd
> > protection? So one could fool an admin by one's personal glibc version?
> > Or what is the scope of libtool?
>
> I guess that the above script was meant.  Yes, you can use your own glibc
> by changing LD_LIBRARY_PATH (AFAICS), but how would you fool an admin? It
> still runs with your UID, and you can run/code basically anything for
> yourself.

No idea how libtool works at all, it seems to do well enough as I never had to 
understand it ;) I am concerned that a plain user is able to have the admin 
run code a user put in place by playing tricks. Like he would place a "ls" 
executable somewhere. David's comment
> I can't see where the security issue comes from - yes someone can install a
> file which will then be used at runtime, but they can do just the same with
> shared libs already.
suggested me that libtool (however it works) also uses some description in the 
cwd (if available)? So a user could place some libtool description which then 
points to the modified libc with evil code?

Where to find beginner's docu of libtool? 8)

Friedrich

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]