Re: Linux GNOME exploit - PATCH!




Yo Ric Dude <ricdude@toad.net> writes:

> Hey folks, please review patch below for the esdlib 
> exploit.  x11amp is a popular program to install
> as setuid root for real-time priority, and other
> esdified audio apps may seek the same performance 
> increase.  It's fixed easily enough.  Is this 
> sufficient?

Hmmm, x11amp uses GTK+... I hope it irrevocably drops all root
permissions before it gets to the GTK+ code if somebody is running it
suid root.

(Otherwise, there is a security hole 18 miles wide and 23 miles long
which we've basically chosen to leave there. Better to make it clear
that GTK+ is not suitable for suid root programs than to claim that
there isn't a single exploitable line in the 184,000 lines of GTK+.

Hint: you don't need a buffer overflow when you can load up arbitrary
shared libraries and get the code executed.)

That doesn't mean that buffer overflows in esd shouldn't get
fixed. But the way to avoid problems is to keep as little code as
possible in the firing line.

Regards,
                                        Owen
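
The privilege drop discussed in the message above, as an added example that is not part of the original post and is not x11amp, esd or GTK+ code. It assumes a set-uid root binary that needs root only during startup; the function name `drop_privileges_permanently` is hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently return to the invoking user's ids.
 * Returns 0 on success, -1 if the drop failed or turned out to be
 * reversible. On -1 the caller must exit without running further code. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the uid drop we no longer have the right to
     * change gids. Supplementary groups are inherited unchanged from
     * the invoking user across a set-uid exec, so they are not touched. */
    if (setgid(rgid) != 0)
        return -1;
    /* With effective uid 0, setuid() sets the real, effective AND saved
     * uid, which is what makes the drop irrevocable. */
    if (setuid(ruid) != 0)
        return -1;

    /* Verify instead of trusting return codes: regaining the old ids
     * must now fail. If the saved ids had survived, these would succeed. */
    if (old_euid != ruid && (seteuid(old_euid) == 0 || setuid(old_euid) == 0))
        return -1;
    if (old_egid != rgid && (setegid(old_egid) == 0 || setgid(old_egid) == 0))
        return -1;
    if (getuid() != ruid || geteuid() != ruid ||
        getgid() != rgid || getegid() != rgid)
        return -1;
    return 0;
}

int main(void)
{
    /* Privileged setup (e.g. requesting real-time priority) goes here. */

    if (drop_privileges_permanently() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }

    /* Only from this point on is it safe to initialise the toolkit and
     * parse user-controlled arguments, environment and files. */
    printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```
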



