81293 – app-admin/gnomesu (Vendor-Sec)

Bug 81293 - app-admin/gnomesu (Vendor-Sec)

Summary: app-admin/gnomesu (Vendor-Sec)

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All All

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-02-08 13:14 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2006-12-27 01:18 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-02-08 13:14:37 UTC

for everyone who is shipping gnomesu and gave /opt/gnome/lib/libgnomesu/gnomesu-backend
higher privileges.

problems:
- local root b/c of incorrect usage of popen()
- X/ICE cookies are copied arround w/o restrictions (local root
  possible)
- PATH env. variable not sanitized correctly
- possible file overwrite (not tested)
- possible integer overflows in *alloc functions (not tested)

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-02-11 07:20:48 UTC

Our gnomesu is not the same and does not have the source layout of the "libgnomesu-0.9.5" Thomas Biege talks about. Closing as INVALID. Reopen if you disagree.