Bug 2654
| Summary: | /usr/bin/disable-paste does not need to be suid root!(?) | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Chris Evans <chris> |
| Component: | gpm | Assignee: | David Lawrence <dkl> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.0 | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 1999-06-02 11:34:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Chris Evans
1999-05-08 12:41:55 UTC
/usr/bin/disable-paste is suid root. The gpm Makefile contains this
line:
$(INSTALL_PROGRAM) -o root -m 4755 disable-paste \
$(bindir)/disable-paste
So apparently the gpm people think it should be suid-root. I have
emailed Ian Zimmerman <itz> who is mentioned in the Makefile
about this. I will update this bug when I hear back from him.
I chmod'ed /usr/bin/disable-paste 755 and I had no problems copy and
pasting among vc's etc.
This is the entire disable-paste.c
#include <unistd.h> /* execv */
static char* argv[] = {
"gpm",
"-A",
"-q",
0
};
int
main()
execv(SBINDIR "/gpm", argv);
exit(127);
Email from Ian Zimmerman <itz> (maintainer of gpm):
> I am looking at /usr/bin/disable-paste in the gpm package which is
> suid root. I am wondering what the need of setting this file suid
> root is. Brief testing has shown no ill consequences from changing
> this file to 755.
disable-paste has to be suid root because it exec's gpm with the -k
argument. If run as a normal user, it won't crash and burn, but it
won't do anything else either (in particular, it won't do its job
which is to disable any existing kernel selection buffer until a new
selection is made).
--
Ian Zimmerman <itz>
Electing a quail for President might cause wierd affects,
such as school principles refusing to eat baked potatoe.
Sorry to reopen, but -- wrong. Do this: chmod -s `which disable-paste` Now, as a non-root user, select some stuff in the console. Now run the unprivileged disable-paste. And hey presto, the kernel console paste buffer has been cleared. This proves that suid-root privs are not required So please verify this finding and remove the suid bit in Rawhide. Remember, disable-paste execs "gpm" as root, which inherits arbitrary user environment variables, etc, so the risk is beyond the 10 lines of code or so in "disable-paste" itself. Fixed (by removing setuid) in gpm-1.17.5-5. Thanks for persisting. |