[Xorg] Current blocker bug list
Alan Cox
alan at lxorguk.ukuu.org.uk
Fri Aug 13 05:22:27 PDT 2004
On Gwe, 2004-08-13 at 12:39, Alan Cox wrote:
> A combination of #1 and a .cf configured policy is needed. The suid
> helper itself is pretty trivial
>
> #define FIXED_PATH wherever
>
> int main(int argc, char *argv[])
> {
> exit(chown(FIXED_PATH, 0, 0) ? errno: 0);
> }
>
Ok turns out that can be tricked in some environments. I think we have
to fail hard and print a message clearly stating what the problem is and
how to fix it. I don't think you can do it securely because you
have to deal with an attacker creating symlinks.
Alan
More information about the xorg
mailing list