[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    security vs. usability
From:       Bernhard Rosenkraenzer <bero () redhat ! de>
Date:       2001-02-05 21:22:47
[Download RAW message or body]

I've just noticed the change in kdecore/kapp.cpp (yes, I know, it's been
there for quite a while now) that disallows setuid/setgid KDE
applications.

While this is definitely a good thing for security, it also prevents
people who don't care about local security (i.e. most home users) from
making things like kppp or kisdndock setuid or setgid to allow anyone
access to dialout links and similar stuff.

I guess the error should be replaced by a warning - since a user can't
just make his own programs setuid, it's really just a way to tell the
admin not to do this if he cares about local security. If someone wants to
open leaks, let them...

Any better ideas?

LLaP
bero

[prev in list] [next in list] [prev in thread] [next in thread]