[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Konsole - a security vs. portability problem
From: <uwe () uwix ! alt ! na>
Date: 1999-01-06 10:59:28
[Download RAW message or body]
On Wed, 6 Jan 1999, Lars Doelle wrote:
> In the moment, konsole offers a security hole that allows local users to
> hijack/monitor the (root) sessions. The regular method to protect
> against this, is to do a chmod/chown on one of the devices within the
> emulation. Doing so would require konsole to be run root/suid, which
> raises more severe problems then it solves. Because i strongly dislike
> root/suid programs for many reasons, I've digged out an ioctl for Linux
> which does as desired, basically for the price of the solution not being
> portable to other UNIXes, eventually.
>
> Comments, anyone?
If it isn't protable it isn't a solution. :-(
There is a solution:
Let konsole run suid root.
In main() before you do anything else you pick a pty, chown you.users
it, chmod go-rw it. Immediately thereafter you give up root privileges
_completely and forever_!
You might think you have a problem this way on exit because you can't
chown root.root the pty. But that is not necessary!!!! All you must do
is chmod go+wr on exit. And that you _can_ do without root privileges!
This way you can do all the root stuff before you even touch KDE, Qt,
and X. Should be fairly safe.
Uwe
-------------------------------------------------------------------------
Uwe Thiem Tel: +264 - 061 - 244511
P.O.Box 30955 Fax: +264 - 061 - 244511
Windhoek Email: uwe@uwix.alt.na
Republic of Namibia uwe@kde.org
http://www.kde.org
**********************************
You can still escape from the GATES of hell: Use KDE!
-------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic