[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: RE: kdesu overrides user's PATH with hardcoded path
From: "AJ Venter" <AJ.Venter () datacash ! co ! za>
Date: 2008-09-08 7:39:19
Message-ID: 6D3DB03C7B43164AA4BF76875F15875F16C2F11C () c3po ! mercantrade ! com
[Download RAW message or body]
--===============1998162434==
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C91186.011BE533"
This is a multi-part message in MIME format.
> Hi,
> I second that.
> I understand the feature from a security standpoint, and i suppose i
doesn't hurt as an added security layer. However, being able to
configure it >simply configure it through a (read only,root owned)
configuration file would have helped me in the situation i was in when i
originally posted this >question. I am glad it sparked this discussion .
> If an evil-intended someone achieves to modify this file by getting
root write privilege, well there's much worse he/she could do than
modifying >kdesu's path don't you think ?.
I am not sure it should be separately configurable. As somebody else
pointed out, su also overrides the path, and the override (as well as
the new path) can be configured through PAM - I would say the logical
answer then is that kdesu should inherit those PAM settings and follow
them religiously. That way there is a single point of configuration for
su path's regardless of whether it's commandline or KDE su. Moreover it
shifts the burden of keeping that configuration secure back to the OS
where it belongs - more specifically to the PAM developers rather than
the KDE devs. As a final bonus - it means a single point for finding and
fixing su PATH security bugs across the entire system.
Ciao
A.J.
DISCLAIMER: This email and any files transmitted with it are confidential to DataCash \
Group plc and its group companies. It is intended only for the person to whom it is \
addressed. If you have received this email in error, please forward it to \
info@datacash.com with the subject line "Received in Error". If you are not the \
intended recipient you must not use, disclose, copy, print, distribute or rely on \
this email or any transmitted files. DataCash Ltd is registered in England and Wales \
no. 3430157. DataCash Ltd is part of the DataCash Group plc. DataCash Group plc is \
registered in England and Wales no. 3168091. DataCash Ltd and DataCash Group plc \
registered address is Descartes House, 8 Gate Street, London, WC2A 3HP, United \
Kingdom.
Save a tree...Please only print this page if essential
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><span \
style='color:#1F497D'>></span>Hi, <br>
<br>
<span style='color:#1F497D'>></span>I second that. <br>
<span style='color:#1F497D'>></span>I understand the feature from a security
standpoint, and i suppose i doesn't hurt as an added security layer. However,
being able to configure it <span style='color:#1F497D'>></span>simply
configure it through a (read only,root owned) configuration file would have
helped me in the situation i was in when i originally posted this <span
style='color:#1F497D'>></span>question. I am glad it sparked this discussion
. <br>
<br>
<span style='color:#1F497D'>></span>If an evil-intended someone achieves to
modify this file by getting root write privilege, well there's much worse
he/she could do than modifying <span style='color:#1F497D'>></span>kdesu's
path don't you think ?.<br>
<br>
<span style='color:#1F497D'><o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>I am not sure it should be \
separately configurable. As somebody else pointed out, su also overrides the path, \
and the override (as well as the new path) can be configured through PAM – I \
would say the logical answer then is that kdesu should inherit those PAM settings and
follow them religiously. That way there is a single point of configuration for
su path’s regardless of whether it’s commandline or KDE su. Moreover it \
shifts the burden of keeping that configuration secure back to the OS where it \
belongs – more specifically to the PAM developers rather than the KDE devs. As \
a final bonus – it means a single point for finding and fixing su PATH security \
bugs across the entire system.<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Ciao<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>A.J.<o:p></o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br>
<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
<p><span style="font-family:'Verdana';font-size:8pt; color:#000000;">DISCLAIMER: This \
email and any files transmitted with it are confidential to DataCash Group plc and \
its group companies. It is intended only for the person to whom it is addressed. If \
you have received this email in error, please forward it to </span><span \
style="font-family:'Verdana';font-size:8pt; \
color:#009999;"><u>info@datacash.com</u></span><span \
style="font-family:'Verdana';font-size:8pt; color:#000000;"> with the subject line \
"Received in Error". If you are not the intended recipient you must not \
use, disclose, copy, print, distribute or rely on this email or any transmitted \
files. DataCash Ltd is registered in England and Wales no. 3430157. DataCash Ltd is \
part of the DataCash Group plc. DataCash Group plc is registered in England and Wales \
no. 3168091. DataCash Ltd and DataCash Group plc registered address is Descartes \
House, 8 Gate Street, London, WC2A 3HP, United Kingdom. </span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; color:#000000;"></span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; color:#000000;"> </span></p> \
<p><span style="font-family:'Verdana';font-size:8pt; color:#336600;"><b>Save a \
tree...Please only print this page if essential</b></span></p> <p><span \
style="font-family:'Verdana';font-size:8pt; \
color:#336600;"><b> </b></span></p></body>
</html>
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
--===============1998162434==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic