Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records

Paul Szabo psz at maths.usyd.edu.au
Tue Sep 20 01:05:10 UTC 2005


Steve,

>> gnome-pty-helper can be made to write utmp/wtmp records with arbitrary
>> DISPLAY (host) settings. I am not sure if it can be tricked into erasing
>> existing records.
>
> Why is this filed at severity: critical?  What is the attack vector here
> which permits root privilege escalation?

I do not know any root escalation methods. When using reportbug, those
options seemed to fit best, apologies if they were not; please change if
appropriate. (For future reference: which options should I have used
instead?)

(In fact cannot think of any attacks: cannot think of any "important" uses
of utmp/wtmp files. I use utmp in some of my own scripts, that is how I
looked at gnome-tty-helper.)

Cheers, Paul

Paul Szabo   psz at maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia




More information about the Pkg-gnome-maintainers mailing list