From kde-devel Tue Dec 27 15:28:16 2005
From: Adriaan de Groot
Date: Tue, 27 Dec 2005 15:28:16 +0000
To: kde-devel
Subject: Re: One Way to Increase KDE security
Message-Id: <200512271628.25930.groot () kde ! org>
X-MARC-Message: https://marc.info/?l=kde-devel&m=113569738525478

On Tuesday 27 December 2005 14:35, Dave Feustel wrote:
> On Tuesday 27 December 2005 06:19, David Faure wrote:
> > On Tuesday 27 December 2005 03:05, Dave Feustel wrote:
> > > Delete all kde/Xorg sockets in /tmp every time KDE exits.
> >
> > Can you please stop making up facts about "security" every day on this
> > list? It wouldn't be so annoying if it actually made sense...
>
> I am pretty sure that DCOP is part of the security problem in KDE, although
> I think the big problems are that P-Grant-Pty is not properly ported to
> OpenBSD by the OpenBSD developers

Didn't Mark Espie _tell_ you that already? Have you tried to use the FreeBSD
code paths yet? As a *BSD, it might have the right API for you (but maybe
not, stuff does change particularly for this kind of security reason).

> and that the socket /tmp/.ICE-unix/X0 is
> created by Xorg with world rw permissions.

Well, that's not strange; the permissions should be (in a less paranoid OS;
whether Theo thinks these permissions are reasonable is another thing):

drwxrwxrwt  2 root  wheel  512 Dec 25 13:00 .ICE-unix
-r--r--r--  1 root  wheel   11 Dec 25 12:41 .X0-lock
drwxrwxrwt  2 root  wheel  512 Dec 25 12:41 .X11-unix
drwxrwxrwt  2 root  wheel  512 Dec 25 12:41 .XIM-unix
drwxrwxrwt  2 root  wheel  512 Dec 25 12:41 .font-unix

Again, note the "t"; anyone can create files in there, which is needed when
creating more than one session (if you have a multi-user system, that's a
good thing). As for the permissions of files _in_ those directories, that's
another thing.

> I chmod the permissions first
> thing when I start kde and it causes me no problems, so it seems like a
> good idea.

For a single user system where you have complete control, maybe. For a
different system, definitely not (I've got boxes running a KDE locally, two
via remote X, and another NX session, so those dirs must be writable when new
sessions are started).

> I strongly recommend that KDE delete all temporary files,
> including sockets, every time kde shuts down. I do this now even during the
> kde session if I suddenly start having problems.

Do it in .xsession, that's what it's there for, for specific hacks you want to
execute. Heck, do

    startkde
    ME=`id -un`
    rm -rf /tmp/kde-$ME /tmp/mcop-$ME

to get that kind of cleanup yourself (I wouldn't bother myself, those dirs are
created 700).

> I also would like an option for kde's forgetting about sessions at
> shutdown. I.e. kde starts with no remembered sessions each time it restarts.

I'm not sure where the session data lives, actually. Probably ksmserverrc.
Heck, you can define a once-and-for-all .kde for yourself and tar it up, rm
-rf .kde and untar that once-and-for-all setup before starting X and be done
with it as well.

> I would also like to be able to increase the amount of information reported
> in error messages.

Watch .xsession-errors or start your applications from a konsole; compile them
with debugging enabled.

> I get a lot of error messages when I crash kde and I

It might crash less often if you stop pulling the rug out from under its feet.

> infer things from the nature of the errors reported. More info would help
> me distinguish between proper and improper activity. This is easy for me
> since my computer is a single-user system and all messages should be
> related to things *I* am doing on the system.

.. except for the things that happen in the background, like http cache
cleaning, cronjobs, etc. Those'll trip you up every time.

-- 
These are your friends - Adem
GPG: FEA2 A3FE Adriaan de Groot
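The two points in the reply above that lend themselves to a script are the sticky-bit check (drwxrwxrwt on the X/ICE socket directories, so everyone can create a session socket but only the owner can remove it) and the .xsession cleanup of the per-user kde-$ME and mcop-$ME directories. The POSIX shell script below is an added example written for this archive; it is not code from the thread or from KDE. The function names, the TMP_ROOT override and the sandbox layout built by make_sandbox are assumptions of this example: the sandbox recreates the directory listing quoted in the reply so the script can be exercised without touching a real /tmp. The cleanup function is deliberately stricter than the one-liner in the reply: it removes a directory only if it is owned by the current user and is not a symbolic link.

```shell
#!/bin/sh
# Added example (not from the original thread or from KDE): audit the socket
# directories that X/ICE keep in /tmp and clean up only the per-user KDE temp
# dirs the current user owns. TMP_ROOT is an assumption of this example; it
# defaults to /tmp and is overridden by the tests, which use a sandbox.

TMP_ROOT="${TMP_ROOT:-/tmp}"

# sticky_world_writable DIR
# Returns 0 when DIR is a directory with mode drwxrwxrwt: world-writable *and*
# sticky, so any user can create a socket there but only the file owner (or
# root) can unlink it. Returns 1 for anything else (including a dir that is
# world-writable without the sticky bit). ls -ld output is used because the
# stat(1) format flags differ between GNU and BSD; the mode is the first 10
# columns, so a trailing ACL/SELinux marker ("+"/".") is ignored.
sticky_world_writable() {
    dir="$1"
    [ -d "$dir" ] || return 1
    mode=$(ls -ld "$dir" | cut -c1-10)
    [ "$mode" = "drwxrwxrwt" ]
}

# audit_socket_dirs ROOT
# Checks the four directories from the listing in the reply. Prints one line
# per directory that exists and returns the number of directories whose mode
# is not drwxrwxrwt (0 means everything looks as expected).
audit_socket_dirs() {
    root="$1"
    bad=0
    for name in .ICE-unix .X11-unix .XIM-unix .font-unix; do
        dir="$root/$name"
        [ -e "$dir" ] || continue
        if sticky_world_writable "$dir"; then
            echo "ok   $dir (drwxrwxrwt: shared, sticky)"
        else
            echo "WARN $dir mode $(ls -ld "$dir" | cut -c1-10), expected drwxrwxrwt"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# cleanup_user_tmp ROOT
# The .xsession cleanup from the reply, restricted to directories that are
# (a) not symlinks and (b) owned by the current user. Symlinks are skipped so
# that rm -rf never follows a link to somewhere else.
cleanup_user_tmp() {
    root="$1"
    me=$(id -un)
    for dir in "$root/kde-$me" "$root/mcop-$me"; do
        [ -e "$dir" ] || [ -L "$dir" ] || continue
        if [ -L "$dir" ]; then
            echo "skip $dir: symlink, leaving its target alone"
            continue
        fi
        # Owner is the third field of ls -ld output.
        set -- $(ls -ld "$dir")
        owner="$3"
        if [ "$owner" != "$me" ]; then
            echo "skip $dir: owned by $owner, not $me"
            continue
        fi
        rm -rf "$dir" && echo "removed $dir"
    done
}

# make_sandbox
# Constructed test layout (not a real /tmp): the four sticky socket dirs from
# the reply, one world-writable dir *without* the sticky bit, a 700 kde-$USER
# dir, and an mcop-$USER symlink pointing at a dir that must survive cleanup.
# Prints the sandbox path.
make_sandbox() {
    root=$(mktemp -d) || return 1
    me=$(id -un)
    for name in .ICE-unix .X11-unix .XIM-unix .font-unix; do
        mkdir "$root/$name" && chmod 1777 "$root/$name"
    done
    mkdir "$root/bad-unix" && chmod 777 "$root/bad-unix"
    mkdir "$root/kde-$me" && chmod 700 "$root/kde-$me"
    mkdir "$root/keep-me" && ln -s "$root/keep-me" "$root/mcop-$me"
    printf '%s\n' "$root"
}

# Stand-alone demo: sh thisscript.sh --demo
if [ "${1:-}" = "--demo" ]; then
    sandbox=$(make_sandbox)
    audit_socket_dirs "$sandbox"
    cleanup_user_tmp "$sandbox"
    rm -rf "$sandbox"
fi
```

Run with --demo to see the audit and cleanup against the constructed sandbox; to audit a real machine, call audit_socket_dirs on "$TMP_ROOT" from an interactive shell. Nothing here changes the modes of the shared socket directories, which is the point of the reply: on a multi-user or remote-X box those directories have to stay writable, and the only thing a user should be removing is what that user created.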