[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: RE: kdesu overrides user's PATH with hardcoded path
From: "AJ Venter" <AJ.Venter () datacash ! co ! za>
Date: 2008-09-08 7:39:19
Message-ID: 6D3DB03C7B43164AA4BF76875F15875F16C2F11C () c3po ! mercantrade ! com
[Download RAW message or body]
--===============1998162434==
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C91186.011BE533"
This is a multi-part message in MIME format.
> Hi,
> I second that.
> I understand the feature from a security standpoint, and i suppose i
doesn't hurt as an added security layer. However, being able to
configure it >simply configure it through a (read only,root owned)
configuration file would have helped me in the situation i was in when i
originally posted this >question. I am glad it sparked this discussion .
> If an evil-intended someone achieves to modify this file by getting
root write privilege, well there's much worse he/she could do than
modifying >kdesu's path don't you think ?.
I am not sure it should be separately configurable. As somebody else
pointed out, su also overrides the path, and the override (as well as
the new path) can be configured through PAM - I would say the logical
answer then is that kdesu should inherit those PAM settings and follow
them religiously. That way there is a single point of configuration for
su path's regardless of whether it's commandline or KDE su. Moreover it
shifts the burden of keeping that configuration secure back to the OS
where it belongs - more specifically to the PAM developers rather than
the KDE devs. As a final bonus - it means a single point for finding and
fixing su PATH security bugs across the entire system.
Ciao
A.J.
DISCLAIMER: This email and any files transmitted with it are confidential \
to DataCash Group plc and its group companies. It is intended only for the \
person to whom it is addressed. If you have received this email in error, \
please forward it to info@datacash.com with the subject line "Received in \
Error". If you are not the intended recipient you must not use, disclose, \
copy, print, distribute or rely on this email or any transmitted files. \
DataCash Ltd is registered in England and Wales no. 3430157. DataCash Ltd \
is part of the DataCash Group plc. DataCash Group plc is registered in \
England and Wales no. 3168091. DataCash Ltd and DataCash Group plc \
registered address is Descartes House, 8 Gate Street, London, WC2A 3HP, \
United Kingdom.
Save a tree...Please only print this page if essential
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><span \
style='color:#1F497D'>></span>Hi, <br>
<br>
<span style='color:#1F497D'>></span>I second that. <br>
<span style='color:#1F497D'>></span>I understand the feature from a \
security standpoint, and i suppose i doesn't hurt as an added security \
layer. However, being able to configure it <span \
style='color:#1F497D'>></span>simply configure it through a (read \
only,root owned) configuration file would have helped me in the situation i \
was in when i originally posted this <span \
style='color:#1F497D'>></span>question. I am glad it sparked this \
discussion
. <br>
<br>
<span style='color:#1F497D'>></span>If an evil-intended someone achieves \
to modify this file by getting root write privilege, well there's much \
worse he/she could do than modifying <span \
style='color:#1F497D'>></span>kdesu's path don't you think ?.<br>
<br>
<span style='color:#1F497D'><o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span \
style='font-size:11.0pt; \
font-family:"Calibri","sans-serif";color:#1F497D'>I am not sure it should \
be separately configurable. As somebody else pointed out, su also overrides \
the path, and the override (as well as the new path) can be configured \
through PAM – I would say the logical answer then is that kdesu \
should inherit those PAM settings and follow them religiously. That way \
there is a single point of configuration for su path’s regardless of \
whether it’s commandline or KDE su. Moreover it shifts the burden of \
keeping that configuration secure back to the OS where it belongs – \
more specifically to the PAM developers rather than the KDE devs. As a \
final bonus – it means a single point for finding and fixing su PATH \
security bugs across the entire system.<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span \
style='font-size:11.0pt; \
font-family:"Calibri","sans-serif";color:#1F497D'>Ciao<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span \
style='font-size:11.0pt; \
font-family:"Calibri","sans-serif";color:#1F497D'>A.J.<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br>
<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
<p><span style="font-family:'Verdana';font-size:8pt; \
color:#000000;">DISCLAIMER: This email and any files transmitted with it \
are confidential to DataCash Group plc and its group companies. It is \
intended only for the person to whom it is addressed. If you have received \
this email in error, please forward it to </span><span \
style="font-family:'Verdana';font-size:8pt; \
color:#009999;"><u>info@datacash.com</u></span><span \
style="font-family:'Verdana';font-size:8pt; color:#000000;"> with the \
subject line "Received in Error". If you are not the intended \
recipient you must not use, disclose, copy, print, distribute or rely on \
this email or any transmitted files. DataCash Ltd is registered in England \
and Wales no. 3430157. DataCash Ltd is part of the DataCash Group plc. \
DataCash Group plc is registered in England and Wales no. 3168091. DataCash \
Ltd and DataCash Group plc registered address is Descartes House, 8 Gate \
Street, London, WC2A 3HP, United Kingdom. </span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; color:#000000;"></span></p> \
<p><span style="font-family:'Verdana';font-size:8pt; \
color:#000000;"> </span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; color:#336600;"><b>Save a \
tree...Please only print this page if essential</b></span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; \
color:#336600;"><b> </b></span></p></body>
</html>
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
--===============1998162434==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic