Goswin von Brederlow wrote:
> That might be true for X resource files and the docs sound really scary
> (also shown by your segfault). But aren't there any suid/sgid game
> programs with xpm (or png or jpeg or any other complex lib for that
> matter) support? Any kde/gnome program can probably be exploited by
> messing with the theming support of them.
>
> At what point do you say this library may not be used in a suid/sgid
> program? Is it even OK to use libc?

Um, this has nothing to do with what libraries may be used in a suid program. (Although IIRC you'll find it hard to make apps that use gtk suid, since it has explicit checks for that and refuses to run, since it is known to be insecure.) Well written suid applications look at every avenue the user has to influence the program by changing its operating environment and input data, and make good decisions to limit these channels and ensure that the code that can be affected by them is secure. xshisen is clearly not well designed to be suid, given the choices that were made that provide the user with many avenues to provide bad data to the program.

> So what do you suggest? Fork, drop the suid/sgid in the child, load
> the xpm and send the raw image through IPC back to the parent?

I suggest that you read my original bug report with a little bit more care. I do not enjoy repeating myself or watching a focused bug report be diverged off into useless discussions.

--
see shy jo