Re: GNOME privilege library



On Thursday, 13 January 2005 at 12:48 -0500, Sean Middleditch wrote:
> On Thu, 2005-01-13 at 18:06 +0100, Xavier Bestel wrote:
> > On Thursday, 13 January 2005 at 11:26 -0500, Sean Middleditch wrote:
> > > Additionally, the registration can note which processes can use which
> > > backend.  /usr/libexec/gnome-procman-renice is only registered
> > > to /usr/bin/gnome-procman, for example.  If ~/Downloads/random-trojan
> > > tries to use it the API would refuse, until the administrator granted
> > > that binary access.
> > 
> > Isn't this easily defeated with a bit of LD_PRELOAD magic?
> 
> No.  In order to start any of these with privileges, you need a
> privileged helper program - i.e., setuid.  LD_PRELOAD is disabled for
> setuid binaries.

What I meant is, ~/Downloads/random-trojan can start
LD_PRELOAD=/tmp/trojan-crafted-lib.so /usr/bin/gnome-procman
and then execute itself with procman's name.

	Xav
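
The gap raised in this reply, as an added example that is not part of the original message and is not GNOME code: a helper that authorizes callers by executable path accepts a preloaded /usr/bin/gnome-procman, because the path identifies the binary image and not the code running inside it. It assumes the helper obtains the caller's path and environment block (for instance from /proc/PID/exe and /proc/PID/environ); the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Loader variables that make ld.so load caller-chosen code into a
 * non-setuid program such as the registered front end. */
static const char *const inject_vars[] = { "LD_PRELOAD=", "LD_AUDIT=", "LD_LIBRARY_PATH=" };

/* Scan a NUL-separated block (the /proc/PID/environ layout).
 * Returns 1 if an entry starts with one of inject_vars, else 0. */
int env_has_loader_injection(const char *env, size_t len)
{
    size_t off = 0;
    while (off < len) {
        const char *entry = env + off;
        const char *nul = memchr(entry, '\0', len - off);
        size_t n = nul ? (size_t)(nul - entry) : len - off;
        for (size_t i = 0; i < sizeof inject_vars / sizeof *inject_vars; i++) {
            size_t plen = strlen(inject_vars[i]);
            if (n >= plen && memcmp(entry, inject_vars[i], plen) == 0)
                return 1;
        }
        off += n + 1;
    }
    return 0;
}

/* The check from the thread: is the caller's executable the registered one? */
int path_check(const char *caller_exe, const char *registered)
{
    return strcmp(caller_exe, registered) == 0;
}

/* Path check plus a heuristic. The caller can overwrite its own environment
 * block, so a clean block is a weak signal and not proof of a clean process. */
int strict_check(const char *caller_exe, const char *registered,
                 const char *env, size_t len)
{
    return path_check(caller_exe, registered) && !env_has_loader_injection(env, len);
}

int main(void)
{
    /* Constructed sample: the caller state described in the reply above. */
    static const char env[] = "HOME=/home/u\0LD_PRELOAD=/tmp/trojan-crafted-lib.so";
    const char *reg = "/usr/bin/gnome-procman";
    printf("path_check=%d strict_check=%d\n",
           path_check(reg, reg), strict_check(reg, reg, env, sizeof env));
    return 0;
}
```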




