Re: GNOME privilege library

From: Xavier Bestel <xavier bestel free fr>
To: Mike Hearn <mike navi cx>
Cc: desktop-devel-list gnome org
Subject: Re: GNOME privilege library
Date: Thu, 13 Jan 2005 19:36:45 +0100

Le jeudi 13 janvier 2005 à 18:16 +0000, Mike Hearn a écrit :

> suid root binaries have a few problems too eg, GTK+ refuses to run if
> you've got the suid bit set. They also need to be audited for security
> AND all the libraries they use do too - if there's a buffer overflow in
> your time/date applet that's now a local priv escalation exploit. 

Apps called via sudo are like suid apps anyway, they should just be some
command-line helpers to the big GTK+ app which runs as user.

	Xav

References:
- GNOME privilege library
  - From: Sean Middleditch
- Re: GNOME privilege library
  - From: Mike Hearn
- Re: GNOME privilege library
  - From: Xavier Bestel
- Re: GNOME privilege library
  - From: Mike Hearn

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]