On Tuesday, February 01, 2011 13:16:22 Zack Weinberg wrote: > On Mon, Jan 31, 2011 at 10:16 PM, Mike Frysinger <vap...@gentoo.org> wrote: > > suing to root and claiming security issues makes no sense. think > > about it for all of three seconds. > > I have. If you do "su -" instead of "su" you expect that to isolate > you from (for instance) hostile clients on the same X session. I > realize there are ways a determined attacker can get past anything su > can do (by attacking the unprivileged terminal you're typing at, for > instance), but that's not an excuse for su not even *trying*.
do you even know how these mechanisms work ? XAUTHORITY is a path to a file. it does not contain the magic cookie itself. reading that file only works if the person has permission to access it. if your system grants people permission, then your system is already screwed up and simply deleting the env value changes nothing in the security aspect. these supposed malicious users you're worried about will be able to screw you over all they want. same goes for DISPLAY. knowing the value is irrelevant, especially considering the vast majority of time it is the same value. security controls are in place above that to prevent people from talking to any DISPLAY. thus `su`-ing to another non-root user is not a security issue by preserving these variables. and `su`-ing to root is never a security issue for obvious reasons. > > as for the env vars you quoted, try reading the man page yet again: > > If --login is used, the $TERM, $COLORTERM, $DISPLAY, and > > $XAUTHORITY environment variables are copied if they were set. > > That it is documented does not make it not a bug. that you disagree with the design does not make it a bug. -mike
signature.asc
Description: This is a digitally signed message part.
