Look at /usr/bin/disable-paste. It is suid-root. Brief testing showed that its functionality works fine if it is _not_ suid root. The risk is that the user can pass arbitrary environment variables, etc. to the GPM program. disable-paste is just a wrapper which calls gpm.
/usr/bin/disable-paste is suid root. The gpm Makefile contains this line:

    $(INSTALL_PROGRAM) -o root -m 4755 disable-paste \
        $(bindir)/disable-paste

So apparently the gpm people think it should be suid-root. I have emailed Ian Zimmerman <itz> who is mentioned in the Makefile about this. I will update this bug when I hear back from him.

I chmod'ed /usr/bin/disable-paste 755 and I had no problems copying and pasting among vc's etc.

This is the entire disable-paste.c:

    #include <unistd.h>             /* execv */

    static char* argv[] = { "gpm", "-A", "-q", 0 };

    int main()
    {
      execv(SBINDIR "/gpm", argv);
      exit(127);
    }
Email from Ian Zimmerman <itz> (maintainer of gpm):

> I am looking at /usr/bin/disable-paste in the gpm package which is
> suid root. I am wondering what the need of setting this file suid
> root is. Brief testing has shown no ill consequences from changing
> this file to 755.

disable-paste has to be suid root because it exec's gpm with the -k argument. If run as a normal user, it won't crash and burn, but it won't do anything else either (in particular, it won't do its job which is to disable any existing kernel selection buffer until a new selection is made).

--
Ian Zimmerman <itz>
Electing a quail for President might cause wierd affects, such as school principles refusing to eat baked potatoe.
Sorry to reopen, but -- wrong. Do this:

    chmod -s `which disable-paste`

Now, as a non-root user, select some stuff in the console. Now run the unprivileged disable-paste. And hey presto, the kernel console paste buffer has been cleared. This proves that suid-root privs are not required.

So please verify this finding and remove the suid bit in Rawhide. Remember, disable-paste execs "gpm" as root, which inherits arbitrary user environment variables, etc., so the risk is beyond the 10 lines of code or so in "disable-paste" itself.
Fixed (by removing setuid) in gpm-1.17.5-5. Thanks for persisting.
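
The fix in this bug was to drop the setuid bit. For a wrapper that genuinely has to stay privileged, the environment concern raised above is usually handled by building the child's environment from an allowlist instead of inheriting the caller's. The sketch below is an added example, not gpm code: build_clean_env and term_ok are hypothetical names, the SBINDIR default and the fixed PATH are assumptions, and TERM is kept only to illustrate one allowlisted variable.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

#ifndef SBINDIR
#define SBINDIR "/usr/sbin" /* assumption: the page does not give its value */
#endif
#define FIXED_PATH "PATH=/usr/sbin:/usr/bin:/sbin:/bin" /* assumption */

extern char **environ;

/* Accept a TERM value only if it is short and made of [A-Za-z0-9_.+-]. */
static int term_ok(const char *v) {
    size_t n = strlen(v);
    if (n == 0 || n > 32) return 0;
    for (; *v; v++)
        if (!isalnum((unsigned char)*v) && !strchr("_.+-", *v)) return 0;
    return 1;
}

/* Fill out[] with a fixed PATH plus an allowlisted TERM taken from in[].
 * Every other caller-supplied variable is dropped. Returns the number of
 * entries written, or -1 if out[] (cap slots, NULL included) is too small. */
int build_clean_env(char *const in[], char *out[], size_t cap) {
    size_t n = 0;
    if (cap < 3) return -1;
    out[n++] = FIXED_PATH;            /* never the caller's PATH */
    for (size_t i = 0; in && in[i]; i++) {
        if (strncmp(in[i], "TERM=", 5) == 0 && term_ok(in[i] + 5)) {
            out[n++] = in[i];
            break;                    /* first valid TERM only */
        }
    }
    out[n] = NULL;
    return (int)n;
}

int main(void) {
    static char *const args[] = { "gpm", "-A", "-q", NULL };
    char *env[3];
    if (build_clean_env(environ, env, 3) < 0) return 127;
    execve(SBINDIR "/gpm", args, env); /* explicit envp, unlike execv() */
    return 127;                        /* only reached if execve fails */
}
```
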