'Re: Konsole - a security vs. portability problem'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Konsole - a security vs. portability problem
From:       Stephan Kulow <coolo () kde ! org>
Date:       1999-01-06 9:49:18
[Download RAW message or body]

Lars Doelle wrote:
> 
> In the moment, konsole offers a security hole that allows local users to
> hijack/monitor the (root) sessions. The regular method to protect
> against this, is to do a chmod/chown on one of the devices within the
> emulation. Doing so would require konsole to be run root/suid, which
> raises more severe problems then it solves. Because i strongly dislike
> root/suid programs for many reasons, I've digged out an ioctl for Linux
> which does as desired, basically for the price of the solution not being
> portable to other UNIXes, eventually.
> 
> Comments, anyone?
> 
>   Lars
> 
>   ------------------------------------------------------------------------
> --- TEShell.C.ori       Mon Dec 21 01:16:00 1998
> +++ TEShell.C   Sun Dec 27 17:18:35 1998
> @@ -35,6 +35,7 @@
>  #include <termios.h>
>  #include <fcntl.h>
>  #include <unistd.h>
> +#include <asm/asm-i386/ioctls.h>
>  #include <sys/ioctl.h>
>  #include <grp.h>
>  #include "../../config.h"

That doesn't even run on all Linux variants! I don't think this is a
solution.
A security problem is a security problem even if you fix it for one
variant
of one Unix.

Greetings, Stephan

-- 
As long as Linux remains a religion of freeware fanatics,
Microsoft have nothing to worry about.  
                       By Michael Surkan, PC Week Online

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic