Re: [Gimp-user] The GIMP opens in superuser mode

From: Liam R E Quin <liam holoweb net>
To: Steve Kinney <admin pilobilus net>, gimp-user-list gnome org
Subject: Re: [Gimp-user] The GIMP opens in superuser mode
Date: Fri, 06 Apr 2018 00:05:34 -0400

On Thu, 2018-04-05 at 23:40 -0400, Steve Kinney wrote:


On 04/05/2018 09:41 PM, Liam R E Quin wrote:

On Thu, 2018-04-05 at 20:42 -0400, Steve Kinney wrote:


It /should/ be impossible for a program opened by a 'regular'
user to
run in superuser mode, unless the regular user enters the root
password.


It can happen if the program's binary is owned by the root user and
is
mode u+s (set-userid).

Liam (ankh)


Yikes.

One "should" not allow this either, without a very good reason...


On most user applications, no, although
ls -l /usr/bin/ | grep '^[^ ]*s' | wc -l
gives 36 results here (many setgid rather than setuid, and not all
owned by root, but e.g. su, sudo, umount, all have to be root-owned and
suid.).

It's possible to disable set-userid file modes from being respected
using a mount option, but using that on the system partitions would
break yuor system.


-- 
Liam Quin - web slave for https://www.fromoldbooks.org/
with fabulous vintage art and fascinating texts to read.
Click here to have the slave beaten.

Follow-Ups:
- Re: [Gimp-user] The GIMP opens in superuser mode
  - From: Steve Kinney

References:
- [Gimp-user] The GIMP opens in superuser mode
  - From: Leslie Katz
- Re: [Gimp-user] The GIMP opens in superuser mode
  - From: Steve Kinney
- Re: [Gimp-user] The GIMP opens in superuser mode
  - From: Liam R E Quin
- Re: [Gimp-user] The GIMP opens in superuser mode
  - From: Steve Kinney

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]