Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.

From: Ian Peters <itp ximian com>
To: Elliot Lee <sopwith redhat com>
Cc: Eric Mitchell <emitchell altaira com>, nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
Subject: Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
Date: Thu, 24 May 2001 13:44:11 -0400

On Thu, May 24, 2001 at 01:04:17PM -0400, Elliot Lee wrote:
> On Thu, 24 May 2001, Ian Peters wrote:
> 
> > Have you used fakeroot before?  That's exactly what it does, and it
> > seems to work fine.
> 
> Attached is a program to let everyone edit /etc/passwd.
> 
> 	cc -c t.S
> 	ld -o t t.o
> 
> The two problems with fakeroot for security are that it assumes everything
> uses ld.so, and it assumes everything makes system calls by going through
> the regular libc wrapper functions.

You've demonstrated the problems with using fakeroot as a sandbox
(which are obvious, and I should avoid writing mail when I just woke
up), but I fail to see what your program is supposed to do.

fakeroot doesn't run with root permissions, so bypassing the trapped
functions just gives you an EPERM on the chmod and nothing happens.

Am I missing something?  I don't see how any user can edit /etc/passwd
this way...

-- 
Ian Peters      "...it is 5 am and the sun has charred the other
itp gnu org      side of the earth and come back to us and painted
itp ximian com   the smoke over our heads an imperial violet..."

References:
- Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
  - From: Ian Peters
- Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.
  - From: Elliot Lee

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]