Bug#474024: Fixed upstream?

Timo Juhani Lindfors timo.lindfors at iki.fi
Mon Nov 8 07:35:52 UTC 2010


Hi Yury,

thank you for your interest in securing gksu/sudo and related
applications. I noticed your comments just now when I was browsing my
old bugs. Please keep 474024-submitter at bugs.debian.org in Cc if you
want the emails to reach the original submitter of the bug...

So, since I filed that bug I have been prototyping a solution and even
tried to get feedback at the "Wacky ideas" BoF at debconf9 ;-). The
key idea is that the password cannot be read via X but instead directly
via /dev/input/by-path/platform-i8042-serio-0-event-kbd. This is
relatively easy.

The problem is that it is not enough to read the password securely. We
also need to make sure that the command that the user intended to run
is really the command that will be run. In short: we need an
unspoofable way to show the command to the user. This seems to be very
hard. I have currently explored: switching to another virtual console
(crashy) and XGrabServer (doesn't work if some other program has
already grabbed it). My discussion with xorg people is mainly in the
thread
http://lists.freedesktop.org/archives/xorg/2010-September/051186.html

More notes are at http://iki.fi/lindi/darcs/sido/README