Mailinglist Archive: opensuse-bugs (4068 mails)

[Bug 708205] AUDIT-0: lightdm

https://bugzilla.novell.com/show_bug.cgi?id=708205

https://bugzilla.novell.com/show_bug.cgi?id=708205#c5


--- Comment #5 from Sebastian Krahmer <krahmer@xxxxxxxxxx> 2011-08-23 09:38:06 UTC ---
LightDM has some issues (even without looking at the DBUS code) where
it for example is vulnerable to race condition exploits. It chowns
resource files inside users' homedir like this:


    /* Update the users .dmrc */
    if (user)
    {
        path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL);
        g_file_set_contents (path, data, length, NULL);
        if (getuid () == 0 && chown (path, user_get_uid (user), user_get_gid (user)) < 0)
            g_warning ("Error setting ownership on %s: %s", path, strerror (errno));
        g_free (path);
    }


Failing to realize symlinks etc. There is more code like this
(and I am going to report it to oss-sec) as well as integer
overflows. Unless lightdm has undergone a serious security review
I'd not recommend its usage.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
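
The pattern quoted in the comment resolves a user-controlled path twice as root (once to write, once to chown). As an added example, not taken from LightDM or from the bug comment, here is one way to write and hand over such a file through a single file descriptor; `write_owned_file` and `demo_dmrc_checks` are hypothetical names and the scenario in the demo is constructed.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: write `name` inside `home` and give it to uid:gid
 * without resolving the user-controlled file name a second time. */
int write_owned_file(const char *home, const char *name, const void *data,
                     size_t len, uid_t uid, gid_t gid)
{
    struct stat st;
    int rc = -1;
    int dfd = open(home, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0)
        return -1;
    /* O_NOFOLLOW fails with ELOOP if `name` is a symlink. No O_TRUNC here,
     * so nothing is modified before the checks below have passed. */
    int fd = openat(dfd, name,
                    O_WRONLY | O_CREAT | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC, 0600);
    close(dfd);
    if (fd < 0)
        return -1;
    /* Reject FIFOs, devices and hard links to files that live elsewhere. */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && st.st_nlink == 1 &&
        ftruncate(fd, 0) == 0 &&
        write(fd, data, len) == (ssize_t)len &&
        fchown(fd, uid, gid) == 0)      /* acts on the inode we opened */
        rc = 0;
    close(fd);
    return rc;
}

/* Constructed scenario: .dmrc is a symlink to another file; returns 1 if that
 * write is refused, the target stays empty, and a plain file still works. */
int demo_dmrc_checks(void)
{
    char dir[] = "/tmp/dmrc-demo-XXXXXX", target[64], lnk[64];
    struct stat st;
    if (!mkdtemp(dir)) return 0;
    snprintf(target, sizeof target, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/.dmrc", dir);
    close(open(target, O_WRONLY | O_CREAT, 0600));
    if (symlink(target, lnk) != 0) return 0;
    int refused = write_owned_file(dir, ".dmrc", "x", 1, getuid(), getgid()) < 0
                  && stat(target, &st) == 0 && st.st_size == 0;
    int written = write_owned_file(dir, "plain", "x", 1, getuid(), getgid()) == 0;
    return refused && written;
}
```

`O_NOFOLLOW` only covers the final path component, so intermediate components of the home directory path are still resolved normally. Performing the write with the target user's credentials instead of as root removes the need for the ownership change altogether.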
