
List:       kde-devel
Subject:    Re: kdesu overrides user's PATH with hardcoded path
From:       "Guillaume Pothier" <gpothier () gmail ! com>
Date:       2008-08-31 23:02:52
Message-ID: 8caa8ded0808311602r1d46d8c9na72af96afcb1bb07 () mail ! gmail ! com

>>
> this argument is nonsense. why would /usr/bin be less vulnerable than
> /usr/local/bin? there is no probability involved here. attacker can
> modify anything in your $PATH => you lose. period.

I think the case is more about something the user downloads somewhere
into his home directory (which she can do without needing any
privileges) than something between /usr and /usr/local.
But yes, I agree that it is far from being absolute security...
g

> by extension that means that $PATH containing "." is an actual security
> problem: when you happen to be in a directory to which an attacker (who
> happens to be a legitimate user of the system) has write access (e.g.,
> /tmp), you'll run his executable. this is somewhat alleviated by having
> the "." as the last thing in $PATH instead of as the first one, but then
> the attacker still can install mistyped versions of common commands and
> thus have a realistic chance of having his code executed by a victim.
> so kdesu filtering out "." from $PATH would be a reasonable thing (so
> far, it only protects against "" (same as ".") at the start).
>
> --
> Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
> --
> Confusion, chaos, panic - my work here is done.
>
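
The filtering discussed in the quoted text, as an added example that is not part of this thread and is not kdesu's code: it drops empty entries anywhere in $PATH (not only at the start), ".", other relative entries, and directories any user can write to, such as /tmp. The names split_path, unsafe_dir and sanitize_path are hypothetical.

```cpp
#include <cstdlib>
#include <functional>
#include <iostream>
#include <string>
#include <sys/stat.h>
#include <vector>

// Split on ':' and keep empty fields: an empty PATH entry (leading,
// trailing, or "::") means the current directory, the same as ".".
static std::vector<std::string> split_path(const std::string& path) {
    std::vector<std::string> out;
    std::string::size_type start = 0, pos;
    while ((pos = path.find(':', start)) != std::string::npos) {
        out.push_back(path.substr(start, pos - start));
        start = pos + 1;
    }
    out.push_back(path.substr(start));
    return out;
}

// Default probe (assumption of this example): an entry is unsafe if it is
// not an existing directory or if it is world-writable, sticky bit or not.
static bool unsafe_dir(const std::string& dir) {
    struct stat st;
    if (stat(dir.c_str(), &st) != 0 || !S_ISDIR(st.st_mode)) return true;
    return (st.st_mode & S_IWOTH) != 0;
}

using DirCheck = std::function<bool(const std::string&)>;

// Rebuild PATH from absolute entries that pass the probe, preserving the
// original order. The probe is injectable so the filter can be tested.
std::string sanitize_path(const std::string& path,
                          const DirCheck& unsafe = unsafe_dir) {
    std::string clean;
    for (const std::string& entry : split_path(path)) {
        if (entry.empty() || entry[0] != '/') continue;  // "", ".", "./x", "bin"
        if (unsafe(entry)) continue;                     // e.g. /tmp
        if (!clean.empty()) clean += ':';
        clean += entry;
    }
    return clean;
}

int main() {
    const char* path = std::getenv("PATH");
    std::cout << sanitize_path(path ? path : "") << "\n";
    return 0;
}
```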