Hi Helmut,
* Helmut Grohne <[EMAIL PROTECTED]> [2008-04-13 00:36]:
> > From the source code:
[...]
> > 309 void set_user_id(void)
> > 310 {
> > 311 seteuid(user_id);
> > 312 }
>
> > So why do you think it does not drop setuid root, the code does?
>
> You are right in
On Sat, Apr 12, 2008 at 11:08:46PM +0200, Nico Golde wrote:
> Hi Mohammed,
> * Mohammed Sameer <[EMAIL PROTECTED]> [2008-04-12 22:14]:
> > On Sat, Apr 12, 2008 at 07:51:22PM +0200, Julien Cristau wrote:
> > > On Sat, Apr 12, 2008 at 19:15:45 +0200, wrote:
> [...]
> > > So
> So why do you think it does not drop setuid root, the code does?
$ cat debian/patches/05_setuid.diff
Index: acon-1.0.5/acon.c
Commented a statement that returns the user id to non-root. That made
some control keys to not work.
===
> From the source code:
> 35 int main(int argc,char **argv)
> 36 {
> 37 int i,tty,useunicode=0;
> 38 char *fontf=0,*translationf=0,*keymapf=0;
> 39
> 40 get_ids();
> 41 set_user_id();
> ...
> 301 int user_id;
> 302 i
Hi Mohammed,
* Mohammed Sameer <[EMAIL PROTECTED]> [2008-04-12 22:14]:
> On Sat, Apr 12, 2008 at 07:51:22PM +0200, Julien Cristau wrote:
> > On Sat, Apr 12, 2008 at 19:15:45 +0200, wrote:
[...]
> > So you're building a package with a setuid root binary, comment out the
>
On Sat, Apr 12, 2008 at 07:51:22PM +0200, Julien Cristau wrote:
> On Sat, Apr 12, 2008 at 19:15:45 +0200, أحمد المحمودي wrote:
>
> > Hello,
> >
> > Actually patch 05_setuid.dpatch that was introduced in 1.0.5-2
> > comments the line:
> >
> > 311 seteuid(user_id);
> >
> > which is
On Sat, Apr 12, 2008 at 19:15:45 +0200, أحمد المحمودي wrote:
> Hello,
>
> Actually patch 05_setuid.dpatch that was introduced in 1.0.5-2
> comments the line:
>
> 311 seteuid(user_id);
>
> which is the line to drop setuid root.
> The reason was to fix a bug that made some contro
Hello,
Actually patch 05_setuid.dpatch that was introduced in 1.0.5-2
comments the line:
311 seteuid(user_id);
which is the line to drop setuid root.
The reason was to fix a bug that made some control keys not to work
when 'acon' was run without sudo.
I will drop this patc
Hi Helmut,
* Helmut Grohne <[EMAIL PROTECTED]> [2008-04-12 17:47]:
> The package has a setuid binary acon. The binary never drops setuid.
[...]
From the source code:
35 int main(int argc,char **argv)
36 {
37 int i,tty,useunicode=0;
38 char *fontf=0,*translationf
Package: acon
Version: 1.0.5-5
Severity: critical
Tags: security
Justification: root security hole
The package has a setuid binary acon. The binary never drops setuid. The
source code contains the following lines: (acon.c)
char tmp[300];
...
if((env=getenv("HOME")))
sprintf(tmp,"%s/.acon.
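Added example, not part of the original bug report or of acon's source: a bounded replacement for the `sprintf` into `tmp[300]` quoted in the report, together with a privilege drop whose result is checked. It assumes a setuid-root binary as described above; the function names and the file name `example.rc` are hypothetical, since the real file name is cut off on this page.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Build "<home>/<name>" in out[outsz]. Returns 0 on success, -1 when HOME is
 * unset, not an absolute path, or the result would not fit (no truncation). */
int build_rc_path(const char *home, const char *name, char *out, size_t outsz)
{
    int n;

    if (home == NULL || home[0] != '/' || name == NULL || outsz == 0)
        return -1;
    n = snprintf(out, outsz, "%s/%s", home, name);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';              /* never hand back a cut-off path */
        return -1;
    }
    return 0;
}

/* Give up set-uid/set-gid privileges and verify the result.
 * Group first: once the uid is dropped the gid can no longer be changed. */
int drop_privileges(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();

    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (geteuid() != uid || getegid() != gid)
        return -1;
    if (uid != 0 && setuid(0) == 0)  /* must not be able to regain root */
        return -1;
    return 0;
}

int main(void)
{
    char path[300];                  /* same size as tmp[] in the report */

    if (drop_privileges() != 0)
        return 1;
    /* "example.rc" is a hypothetical file name, not acon's. */
    if (build_rc_path(getenv("HOME"), "example.rc", path, sizeof path) != 0)
        return 1;
    puts(path);
    return 0;
}
```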