Hi Michael
gksu appears to not set any of the same environment variables, so I
put the strncmp("root", ...) call in there and return false. The
behaviour I chose is to do nothing if we can't assume a non-priveleged
user. The user experience though is that Synaptic silently does
nothing. I don't think this is a good thing, but perhaps a dialogue
box could be shown saying something like "You need to launch this
program with sudo to use that command..." or somesuch.
Apparently gksu doesn't set any of the expected environment variables,
so that is why I added the extra tests. see
http://stackoverflow.com/questions/15101854/keep-user-env-variables-executing-gksu
for a similar discussion.
With my patch applied, and Synaptic run with gksu or under
proper-root, clicking the links silently does nothing. When using
sudo, or running without any privileges the proper behaviour is
encountered. and the browser is launched with the proper user account.
I'm happy to help you on adding a dialogue for "can't launch browser
as root user" if you like ( though my gtk-chops are pretty limited),
so let me know if I can help more.
All the Best
Luke
On 6 November 2013 06:42, Michael Vogt <m...@debian.org> wrote:
> On Mon, Nov 04, 2013 at 03:49:43AM +0000, Luke Drummond wrote:
>> Hello Michael
> Hi Luke,
>
> thanks for your bugreport and your patch!
>
>> I've tracked down the source of the problem, and think I've created an
>> appropriate patch. The function RunAsSudoUserCommand() was
>> dereferencing a NULL pointer when failing to check for the return
>> value of getenv("SUDO_UID");
>>
>> I was launching Synaptic with gksu which does not set this environment
>> variable, so getenv returned NULL. I do not use sudo on my system
>> (though did add myself as a sudoer to confirm this behaviour and test
>> my changes).
>> Launching as a real root user caused the same crash.
>>
>> We should not launch the browsers/help viewers as root, so I've
>> provided a fallback behaviour.
>
> Indeed, thanks for finding and fixing this! Will $USER provide the
> name of the real user or will it contain "root" when gksu uses it?
>
>> The function RunAsSudoUserCommand() is currently called by the
>> following three methods (none of which should run their command with
>> effective root, as they are launching end-user-configurable software /
>> web browsers)
>>
>> RGMainWindow::cbHelpAction
>> RGPkgDetailsWindow::cbOpenLink
>> RGPkgDetailsWindow::cbOpenHomepage
>>
>> The patch I've provided solves the crash problem and the security
>> problem (it specifically checks whether the user is effective root,
>> and returns false if it is)
>>
>> Comments are welcome. It's not devastatingly beautiful, but seems to
>> serve its purpose.
> [..]
>
> It looks fine and I commited it locally. My only question would be if
> getenv("USER"); may give us the "real" user. If not I will try to
> think if there is any other way to find this out.
>
> Thanks,
> Michael
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
