[Pkg-shadow-devel] Why is su preserving the environment?

Josselin Mouette joss at debian.org
Sat Jan 24 07:41:37 UTC 2009


it has been brought to my attention (through #512803) that su does not
clean the environment at all. This has several security implications:
      * variables like PERL5LIB or GTK_MODULES can be passed to another
        user, leading to unwanted execution of code;
        export authentication information that could be used to obtain
        private information such as passwords in gnome-keyring.

Before I work around this specific issue in the fugliest way, shouldn’t
we prevent su from preserving the environment?

There have been several security advisories related to sudo not cleaning
the environment, and the final call has been to make env_reset the
default. Is there any reason why su should not be considered vulnerable
the same way?

: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
	=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20090124/68a83849/attachment.pgp 

More information about the Pkg-shadow-devel mailing list