[Pkg-shadow-devel] Why is su preserving the environment?
Josselin Mouette
joss at debian.org
Sat Jan 24 07:41:37 UTC 2009
Hi,
it has been brought to my attention (through #512803) that su does not
clean the environment at all. This has several security implications:
* variables like PERL5LIB or GTK_MODULES can be passed to another
user, leading to unwanted execution of code;
* variables like DBUS_SESSION_BUS_ADDRESS or XDG_SESSION_COOKIE
export authentication information that could be used to obtain
private information such as passwords in gnome-keyring.
Before I work around this specific issue in the fugliest way, shouldn’t
we prevent su from preserving the environment?
There have been several security advisories related to sudo not cleaning
the environment, and the final call has been to make env_reset the
default. Is there any reason why su should not be considered vulnerable
the same way?
Cheers,
--
.''`.
: :' : We are debian.org. Lower your prices, surrender your code.
`. `' We will add your hardware and software distinctiveness to
`- our own. Resistance is futile.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20090124/68a83849/attachment.pgp
More information about the Pkg-shadow-devel
mailing list