[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (forw) gksu security bug? (xauth visible to all users)

From: Gustavo Noronha Silva
Subject: Re: (forw) gksu security bug? (xauth visible to all users)
Date: Fri, 14 Nov 2003 07:02:28 -0200

Em Thu, 13 Nov 2003 13:10:48 -0200, Gustavo Noronha Silva <address@hidden> 

> > That is why in my xsudo script, for example, I pipe the cookie to xauth
> > through stdin rather than putting it on the command line:
> > 
> >   #!/bin/sh
> >   xauth nlist $DISPLAY | XAUTHORITY=/tmp/.gksu-XXXXX/.Xauth xauth nmerge -
> >   XAUTHORITY=/tmp/.gksu-XXXXX/.Xauth sudo synaptic
> >   rm -rf /tmp/.gksu-XXXXX
> Yes, the problem here lies on how to make .Xauth only readable for the
> target user... I'm thinking about this with some other friends and maybe
> we can fix this today.

Ok, I found a way of having this very thing done by creating a helper
program that receives the xauth token through a pipe. The problem should
be fixed now, on 0.9.17, which I just released. Thanks.


address@hidden: Gustavo Noronha <http://people.debian.org/~kov>
Debian:  <http://www.debian.org>  *  <http://www.debian-br.org>
  "Não deixe para amanhã, o WML que você pode traduzir hoje!"

reply via email to

[Prev in Thread] Current Thread [Next in Thread]