Re: Your opinion about adding Gnome Xsu to GNOME-Utils

[Philip Van Hoof <freax pandora be>]

On 2001.11.19 18:46 Havoc Pennington wrote:
> Philip Van Hoof <freax pandora be> writes:
> > So, I redirect my question to this list, what do other
> > people think ? :)
>
> It looks extremely suspect on a quick glance - e.g. it uses execlp()
> to launch an su subprocess, and the way it launches/talks to the
> subprocess is by spawning it in an offscreen ZvtTerm and parsing the
> output expect-style. I don't think it would pass a security audit.

I replaced the execlp() function with an execl() function (the configure
script searches the $PATH for a su command, uses this path and warns 
about
this security issue when it's finished. I can't do more about the issue
for the person who is compiling xsu from source. Maybe a check if the
current directory is in his PATH, but I find this rather stupid)

- execlp("su", "-", username, "-c", buffer, NULL);
+ #define SU_PATH "/bin/su" /* by configure script */
+ execl(SU_PATH, "-", username, "-c", buffer, NULL);

I am not sure if this completly fixes the issue. (it's in the cvs at 
this moment)


About the ZvtTerm issues; these will take longer to fix. I will have to
find another way to pass data to the getpass() function of the Unix 'su'
command, Havoc told me that using the zvt is insecure because
"ZvtTerm code may contain a security hole allowing some sort of buffer
overflow or the like."

If there are other suggestions .. 

--
Philip van Hoof aka freax (http://www.freax.eu.org)
irc: irc.openprojects.net mailto:freax @ linux.be