Re: GNOME privilege library
- From: Sean Middleditch <elanthis awesomeplay com>
- To: Xavier Bestel <xavier bestel free fr>
- Cc: Desktop Devel <desktop-devel-list gnome org>
- Subject: Re: GNOME privilege library
- Date: Thu, 13 Jan 2005 13:06:11 -0500
On Thu, 2005-01-13 at 18:55 +0100, Xavier Bestel wrote:
> Le jeudi 13 janvier 2005 à 12:48 -0500, Sean Middleditch a écrit :
> > No. In order to start any of these with privileges, you need a
> > privileged helper program - i.e., setuid. LD_PRELOAD is disabled for
> > setuid binaries.
> What I meant is, ~/Downloads/random-trojan can start
> LD_PRELOAD=/tmp/trojan-crafted-lib.so /usr/bin/gnome-procman
> and then executes itself with procman's name.
And how would that in anyway let the trojan invoke the backends with
privileges? The setuid helper would be responsible for determining that
its parent (who launched it) is allowed to execute the target backend,
perhaps using the infromation in /proc (on Linux).
Or, as Mike said, if D-BUS is chosen as the backend, the security system
in D-BUS can be used. (Which basically does the above, albeit more
] [Thread Prev