Re: GNOME security
- From: Martin Baulig <martin home-of-linux org>
- To: Havoc Pennington <hp Mcs Net>
- Cc: Chris Evans <chris ferret lmh ox ac uk>, gnome-list gnome org
- Subject: Re: GNOME security
- Date: 23 Feb 1999 19:05:39 +0100
Havoc Pennington <hp@Mcs.Net> writes:
> On Mon, 22 Feb 1999, Chris Evans wrote:
> >
> > I will be happy to audit this. However the SRPM I just downloaded and
> > installed for 0.99.8 doesn't have this subdirectory :-(
> >
> > If some kind soul mails me a tarball of that directory I will have a look
> > (currently I am too lazy to learn CVS :-)
> >
>
> I'll mail you a sloppy one privately (tar czf of the subdir, no make dist
> or other fanciness).
>
> However you might want to look at http://www.gnome.org/lxr/ if not CVS,
> because this a hacked version of GNU su. Since su has been around a long
> time, any bugs are likely to be in the new code - thus the diffs on that
> web page or from CVS will likely be enlightening. Martin was careful to
> import unchanged GNU su as the initial version, again see the README in
> the tarball I'm mailing you.
Well, if we're going to have gsu security audited, I'll start writing the
GUI frontend for it - at the moment it only contains testing code.
Since this changes will only affect the non-suid client code there shouldn't
be any security problems with it.
I'll try my best no to touch the suid code, however.
--
Martin Baulig - martin@home-of-linux.org - http://www.home-of-linux.org
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]