Hi,

it has been brought to my attention (through #512803) that su does not clean the environment at all. This has several security implications:

 * variables like PERL5LIB or GTK_MODULES can be passed to another user, leading to unwanted execution of code;
 * variables like DBUS_SESSION_BUS_ADDRESS or XDG_SESSION_COOKIE export authentication information that could be used to obtain private information such as passwords in gnome-keyring.

Before I work around this specific issue in the fugliest way, shouldn’t we prevent su from preserving the environment? There have been several security advisories related to sudo not cleaning the environment, and the final call has been to make env_reset the default. Is there any reason why su should not be considered vulnerable the same way?

Cheers,
-- 
 .''`.
: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.
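
An added example, not part of the original message: a shell sketch of the allowlist approach that sudo's env_reset takes, next to an audit of the four variables named above. The function names `audit_env` and `run_clean`, the contents of the allowlist and the fixed PATH value are assumptions made for illustration.

```shell
#!/bin/sh
# Variables the message names as unsafe to hand to another user.
RISKY_VARS="PERL5LIB GTK_MODULES DBUS_SESSION_BUS_ADDRESS XDG_SESSION_COOKIE"
# Assumed allowlist: only these are copied into the new environment.
KEEP_VARS="TERM LANG LC_ALL"
# Assumed fixed search path, so the caller's PATH is not inherited either.
SAFE_PATH="/usr/local/bin:/usr/bin:/bin"

# Print the name of every risky variable present in the exported environment,
# i.e. everything a command started without cleanup would inherit.
audit_env() {
    for name in $RISKY_VARS; do
        if env | grep -q "^${name}="; then
            printf '%s\n' "$name"
        fi
    done
}

# Run "$@" in an environment that starts empty and receives only the
# allowlisted variables plus SAFE_PATH. Anything not listed is dropped,
# including variables nobody thought to put on a denylist.
run_clean() {
    for name in $KEEP_VARS; do
        # ${VAR+x} is non-empty only when VAR is set (even to "").
        if eval "[ -n \"\${$name+x}\" ]"; then
            eval "value=\$$name"
            set -- "$name=$value" "$@"
        fi
    done
    env -i "PATH=$SAFE_PATH" "$@"
}

# Demo: names that would leak from this shell, then the scrubbed view.
audit_env
run_clean env
```

Starting from an empty environment and adding back a short list fails closed: a loader or session variable introduced by some future library is dropped by default instead of having to be discovered and blocked.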