Re: (forw) gksu security bug? (xauth visible to all users)

gksu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (forw) gksu security bug? (xauth visible to all users)

From:	Gustavo Noronha Silva
Subject:	Re: (forw) gksu security bug? (xauth visible to all users)
Date:	Fri, 14 Nov 2003 07:02:28 -0200

Em Thu, 13 Nov 2003 13:10:48 -0200, Gustavo Noronha Silva <address@hidden> 
escreveu:

> > That is why in my xsudo script, for example, I pipe the cookie to xauth
> > through stdin rather than putting it on the command line:
> > 
> >   #!/bin/sh
> >   xauth nlist $DISPLAY | XAUTHORITY=/tmp/.gksu-XXXXX/.Xauth xauth nmerge -
> >   XAUTHORITY=/tmp/.gksu-XXXXX/.Xauth sudo synaptic
> >   rm -rf /tmp/.gksu-XXXXX
> 
> Yes, the problem here lies on how to make .Xauth only readable for the
> target user... I'm thinking about this with some other friends and maybe
> we can fix this today.

Ok, I found a way of having this very thing done by creating a helper
program that receives the xauth token through a pipe. The problem should
be fixed now, on 0.9.17, which I just released. Thanks.

[]s!

-- 
address@hidden: Gustavo Noronha <http://people.debian.org/~kov>
Debian:  <http://www.debian.org>  *  <http://www.debian-br.org>
  "Não deixe para amanhã, o WML que você pode traduzir hoje!"
        http://debian-br.alioth.debian.org/?id=WebWML

[Prev in Thread]

Current Thread

[Next in Thread]

Re: (forw) gksu security bug? (xauth visible to all users), Gustavo Noronha Silva, 2003/11/13
- Message not available
  - Re: (forw) gksu security bug? (xauth visible to all users), Gustavo Noronha Silva, 2003/11/13
    - Re: (forw) gksu security bug? (xauth visible to all users), Gustavo Noronha Silva <=

Prev by Date: Re: (forw) gksu security bug? (xauth visible to all users)
Next by Date: New way of doing things
Previous by thread: Re: (forw) gksu security bug? (xauth visible to all users)
Next by thread: New way of doing things
Index(es):
- Date
- Thread