On Wed, May 11, 2011 at 07:29:25PM +0200, Patrick Matthäi wrote:
> On 09.05.2011 10:01, Vincent Zweije wrote:
> > On Mon, May 09, 2011 at 08:57:24AM +0200, Patrick Matthäi wrote:
> >
> > || On 08.05.2011 23:58, Vincent Zweije wrote:
> > || >On Sun, May 08, 2011 at 11:51:40PM +0200, Vincent Zweije wrote:
> > || >
> > || >|| Looking at /etc/ati/authatieventsd.sh, this piece of code is wrong:
> > || >
> > || >||> revoke)
> > || >||> if [ `pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'` ]; then
> > || >||> user=`pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'`
> > || >||> su $user -c "xauth -f $3 remove $2" || exit -1
> > || >||> else
> > || >||> xauth -f $3 remove $2 || exit -1
> > || >||
> > || >|| And strictly speaking, the same twice here, but the secret is being
> > || >|| removed so exploiting its knowledge would be very hard though not
> > || >|| theoretically impossible. Anyway, if you're fixing the grant case, do the
> > || >|| revoke case at the same time so they use the same method. It's just good
> > || >|| software engineering.
> > || >
> > || >I think I had my eyes crossed here. No secret cookie is being mentioned,
> > || >only the display name which is not secret.
> > || Do you want to say that the security part of this bug could be closed?
> >
> > Sorry, no, only that the "revoke" part has no security problem. The
> > "grant" part still does.
> >
> > || Sorry, yes, I mean 11-4, not 10-4 :)
> >
> > Right. Well, if the offending code is gone in 11-4 that would be the
> > end of the problem, but even without checking I suspect it's still there.
> >
> > Ciao. Vincent.
>
> It looks like those issues were introduced by Debian years ago with the
> patch 03-authatieventsd.sh.diff and I can't say what it is really
> there for (it was already present in fglrx when I was not the maintainer).
> Could you please de-apply it and check whether everything is right?
Vincent, did you test it?

Cheers,
Moritz
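For comparison with the quoted revoke branch, here is an added example (written for this page, not code from the fglrx package or from the Debian patch) of the same user lookup done without splicing the display name into the awk program text through the shell's `'$2'` quoting. The display name is handed to awk as data with `-v`, every expansion is quoted, and the `pinky -fs` output can be supplied as a second argument so the function runs offline against a constructed sample. The assumed `pinky -fs` layout (login name in field 1, display in field 3 or in the last field) is exactly what the original awk tests; the sample lines and the function name `user_for_display` are mine.

```shell
#!/bin/sh
# Added example: lookup of the login name that owns an X display, as used
# by the revoke branch of authatieventsd.sh, but with the display name
# passed to awk as a variable instead of being interpolated into the
# awk program by the shell.

# user_for_display DISPLAY [PINKY_OUTPUT]
# Prints the login name whose pinky line carries DISPLAY in field 3 or in
# the last field; prints nothing when no line matches. When PINKY_OUTPUT
# is omitted, the live output of "pinky -fs" is used (assumption: the same
# column layout the original script relied on).
user_for_display() {
    display=$1
    input=${2-$(pinky -fs)}
    # -v makes $display a plain awk string; quotes or awk syntax in the
    # display name stay data and cannot alter the program.
    printf '%s\n' "$input" | awk -v d="$display" '
        $3 == d || $NF == d { print $1; exit }
    '
}

# Constructed sample of "pinky -fs" output (not captured from a real host).
SAMPLE='alice  tty7   0:00  May 11 18:00  :0
bob    pts/1  1:02  May 11 17:30  host.example:10.0
carol  pts/2  0:05  May 11 17:45  :1'

# Stand-alone demonstration against the constructed sample.
if [ -z "$SKIP_DEMO" ]; then
    for d in :0 host.example:10.0 :1 :9; do
        printf 'display %s -> user %s\n' "$d" "$(user_for_display "$d" "$SAMPLE")"
    done
fi
```

With the sample above, `:0` resolves to `alice`, `host.example:10.0` to `bob`, `:1` to `carol`, and an unknown display such as `:9` yields an empty result, which the caller can test with `[ -n "$user" ]` exactly as the original `if` branch intended.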