[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: kdesu overrides user's PATH with hardcoded path
From:       Romain <romainguinot () gmail ! com>
Date:       2008-09-06 18:13:33
Message-ID: ae44b51f0809061113w44adfbd5kfbb0c93dcd07a41b () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

I second that.
I understand the feature from a security standpoint, and i suppose i doesn't
hurt as an added security layer. However, being able to configure it simply
configure it through a (read only,root owned) configuration file would have
helped me in the situation i was in when i originally posted this question.
I am glad it sparked this discussion .

If an evil-intended someone achieves to modify this file by getting root
write privilege, well there's much worse he/she could do than modifying
kdesu's path don't you think ?.

Regards,




On Sat, Sep 6, 2008 at 9:02 AM, Gary Greene <greeneg@tolharadys.net> wrote:

> On Friday 05 September 2008 04:25:42 pm Anders Lövgren wrote:
> > On Thursday 04 September 2008 08.40.13 Oswald Buddenhagen wrote:
> > > On Thu, Sep 04, 2008 at 02:52:43AM +0200, Anders Lövgren wrote:
> > > > The modified $PATH will at least protect against e.g. running a bad
> > > > ~/bin/cat from a program or script that happens to use whatever cat
> > > > that comes first in the $PATH.
> > >
> > > *how* is a bad cat supposed to get into ~/bin, huh? why do you want to
> > > secure the door of an obviously blown up house?
> >
> > Regarding the *how*, huh? and ~/bin: you had an idea about it yourself in
> > your previous mail, why asking me? :-)
> >
> > I don't think we need to discuss the *how* further here, theres better
> > forums for that. For the second question I would like to switch the
> > viewpoint: If the house is not blown up, why not lock the door?
> >
> > >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to
> > >> unsubscribe <<
>
> Anders,
>
> Its not the "why not lock the door" issue I think that Ossi is commenting
> on,
> but rather the fact that this is completely UN-CONFIGURABLE. If I want this
> feature as a paranoid user, it should be managed by a configuration file
> that
> is read only versus plain hardcoding paths in the code. This way if _I_
> don't
> want/need it, I can set my system up as I want without patching the code
> unnecessarily.
>
> --
> Gary L. Greene, Jr.
> Sent from: peorth
>  23:59:53 up 5 days, 1 min,  6 users,  load average: 0.31, 0.23, 0.19
> ==========================================================================
> Developer and Project Lead for the AltimatOS open source project
> Volunteer Developer for the KDE open source project
> See http://www.altimatos.com/ and http://www.kde.org/ for more information
> ==========================================================================
>
> Please avoid sending me Word or PowerPoint attachments.
>
>
> >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to
> unsubscribe <<
>
>

[Attachment #5 (text/html)]

<div dir="ltr">Hi, <br><br>I second that. <br>I understand the feature from a \
security standpoint, and i suppose i doesn&#39;t hurt as an added security layer. \
However, being able to configure it simply configure it through a (read only,root \
owned) configuration file would have helped me in the situation i was in when i \
originally posted this question. I am glad it sparked this discussion . <br> <br>If \
an evil-intended someone achieves to modify this file by getting root write \
privilege, well there&#39;s much worse he/she could do than modifying kdesu&#39;s \
path don&#39;t you think ?.<br><br>Regards, <br><br><br> <br><br><div \
class="gmail_quote">On Sat, Sep 6, 2008 at 9:02 AM, Gary Greene <span \
dir="ltr">&lt;<a href="mailto:greeneg@tolharadys.net">greeneg@tolharadys.net</a>&gt;</span> \
wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, \
204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div><div></div><div \
class="Wj3C7c">On Friday 05 September 2008 04:25:42 pm Anders Lövgren wrote:<br> &gt; \
On Thursday 04 September 2008 08.40.13 Oswald Buddenhagen wrote:<br> &gt; &gt; On \
Thu, Sep 04, 2008 at 02:52:43AM +0200, Anders Lövgren wrote:<br> &gt; &gt; &gt; The \
modified $PATH will at least protect against e.g. running a bad<br> &gt; &gt; &gt; \
~/bin/cat from a program or script that happens to use whatever cat<br> &gt; &gt; \
&gt; that comes first in the $PATH.<br> &gt; &gt;<br>
&gt; &gt; *how* is a bad cat supposed to get into ~/bin, huh? why do you want to<br>
&gt; &gt; secure the door of an obviously blown up house?<br>
&gt;<br>
&gt; Regarding the *how*, huh? and ~/bin: you had an idea about it yourself in<br>
&gt; your previous mail, why asking me? :-)<br>
&gt;<br>
&gt; I don&#39;t think we need to discuss the *how* further here, theres better<br>
&gt; forums for that. For the second question I would like to switch the<br>
&gt; viewpoint: If the house is not blown up, why not lock the door?<br>
&gt;<br>
&gt; &gt;&gt; Visit <a href="http://mail.kde.org/mailman/listinfo/kde-devel#unsub" \
target="_blank">http://mail.kde.org/mailman/listinfo/kde-devel#unsub</a> to<br> &gt; \
&gt;&gt; unsubscribe &lt;&lt;<br> <br>
</div></div>Anders,<br>
<br>
Its not the &quot;why not lock the door&quot; issue I think that Ossi is commenting \
on,<br> but rather the fact that this is completely UN-CONFIGURABLE. If I want \
this<br> feature as a paranoid user, it should be managed by a configuration file \
that<br> is read only versus plain hardcoding paths in the code. This way if _I_ \
don&#39;t<br> want/need it, I can set my system up as I want without patching the \
code<br> unnecessarily.<br>
<br>
--<br>
Gary L. Greene, Jr.<br>
Sent from: peorth<br>
&nbsp;23:59:53 up 5 days, 1 min, &nbsp;6 users, &nbsp;load average: 0.31, 0.23, \
0.19<br> ==========================================================================<br>
 Developer and Project Lead for the AltimatOS open source project<br>
Volunteer Developer for the KDE open source project<br>
See <a href="http://www.altimatos.com/" target="_blank">http://www.altimatos.com/</a> \
and <a href="http://www.kde.org/" target="_blank">http://www.kde.org/</a> for more \
information<br> ==========================================================================<br>
 <br>
Please avoid sending me Word or PowerPoint attachments.<br>
<br><br>
&gt;&gt; Visit <a href="http://mail.kde.org/mailman/listinfo/kde-devel#unsub" \
target="_blank">http://mail.kde.org/mailman/listinfo/kde-devel#unsub</a> to \
unsubscribe &lt;&lt;<br> <br></blockquote></div><br></div>



>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic