[Pkg-fglrx-devel] Bug#625868: Bug#625868: auth event shows secret xauth cookie on command line
Patrick Matthäi
pmatthaei at debian.org
Wed May 11 17:29:25 UTC 2011
On 09.05.2011 10:01, Vincent Zweije wrote:
> On Mon, May 09, 2011 at 08:57:24AM +0200, Patrick Matthäi wrote:
>
> || On 08.05.2011 23:58, Vincent Zweije wrote:
> || >On Sun, May 08, 2011 at 11:51:40PM +0200, Vincent Zweije wrote:
> || >
> || >|| Looking at /etc/ati/authatieventsd.sh, this piece of code is wrong:
> || >
> || >||> revoke)
> || >||> if [ `pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'` ]; then
> || >||> user=`pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'`
> || >||> su $user -c "xauth -f $3 remove $2" || exit -1
> || >||> else
> || >||> xauth -f $3 remove $2 || exit -1
> || >||
> || >|| And strictly speaking, the same twice here, but the secret is being
> || >|| removed so exploiting its knowledge would be very hard though not
> || >|| theoretically impossible. Anyway, if you're fixing the grant case, do the
> || >|| revoke case at the same time so they use the same method. It's just good
> || >|| software engineering.
> || >
> || >I think I had my eyes crossed here. No secret cookie is being mentioned,
> || >only the display name which is not secret.
> || Do you want to say that the security part of this bug could be closed?
>
> Sorry, no, only that the "revoke" part has no security problem. The
> "grant" part still does.
>
> || Sorry yes I mean 11-4, not 10-4 :)
>
> Right. Well, if the offending code is gone in 11-4 that would be the
> end of the problem, but even without checking I suspect it's still there.
>
> Ciao. Vincent.
It looks like those issues were introduced by Debian years ago with the
patch 03-authatieventsd.sh.diff and I can't say for what it is really
there (it already was available @ fglrx, where I was not the maintainer).
Could you please deapply it and look if everything is right?
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: pmatthaei at debian.org
patrick at linux-dev.org
Comment:
Always if we think we are right,
we were maybe wrong.
*/
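As an added example (not the fglrx package's authatieventsd.sh and not part of this thread), a grant/revoke handler in POSIX sh that hands the cookie to xauth on its standard input instead of as a command-line argument, so it never shows up in ps or /proc/*/cmdline. The argument layout (display, authority file; cookie on stdin) and the validation rules are assumptions made for this example.

```shell
#!/bin/sh
# Constructed example: an X authority grant/revoke handler that keeps the
# MIT-MAGIC-COOKIE-1 secret off every command line. Assumed layout:
#   $1 = grant|revoke   $2 = display name   $3 = authority file
# and, for grant, the cookie is read from stdin rather than argv.
set -eu

# Display names look like ":0", ":0.1" or "host:0"; reject anything else
# before it is interpolated into an xauth command.
valid_display() {
    case "$1" in
        *[!A-Za-z0-9.:_-]*|'') return 1 ;;
        *:[0-9]*)              return 0 ;;
        *)                     return 1 ;;
    esac
}

# Cookie values are hex strings; anything else is refused.
valid_cookie() {
    case "$1" in
        *[!0-9a-fA-F]*|'') return 1 ;;
        *)                 return 0 ;;
    esac
}

# Text of the xauth command. It travels over a pipe into xauth's stdin,
# so unlike "xauth add :0 . COOKIE" it is not visible to other users.
xauth_add_cmd() {
    printf 'add %s . %s\n' "$1" "$2"
}

grant() {
    display=$1; authfile=$2
    IFS= read -r cookie                     # secret arrives on stdin only
    valid_display "$display" || { echo "bad display name" >&2; return 1; }
    valid_cookie "$cookie"   || { echo "bad cookie" >&2; return 1; }
    # xauth reads commands from stdin when none is given on its command line.
    xauth_add_cmd "$display" "$cookie" | xauth -q -f "$authfile"
}

revoke() {
    display=$1; authfile=$2
    valid_display "$display" || { echo "bad display name" >&2; return 1; }
    printf 'remove %s\n' "$display" | xauth -q -f "$authfile"
}

case "${1:-}" in
    grant|revoke) "$1" "$2" "$3" ;;
esac
```

Run as `printf '%s\n' "$COOKIE" | ./grant.sh grant :0 /path/to/Xauthority`; the pipe is inherited by a child, so the same pattern works unchanged when the xauth call is wrapped in `su "$user" -c`.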