Summary: | /usr/bin/slimlock from x11-misc/slim probably needs to be set SUID | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Denis Dupeyron (RETIRED) <calchan> |
Component: | Current packages | Assignee: | Robert Pearce <bugs.gentoo> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | cyril42e, mgorny, proxy-maint, security |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Denis Dupeyron (RETIRED)
2014-02-03 17:18:38 UTC
x11-misc/slimlock installed the binary SUID, so I expect this is simply overlooked in the build system for x11-misc/slim. I will patch the build system appropriately, unless security@ has any objections. (In reply to Ian Stakenvicius from comment #1) > x11-misc/slimlock installed the binary SUID I didn't know that. So it confirms my findings then. Thanks for taking care of it. Denis The change of SUID on slimlock in slim-1.3.6-r5 is causing my computer to hang after resuming when executing slimlock before suspend (slimlock& ; sudo pm-suspend). The keyboard and mouse are frozen: I cannot move the mouse/touchpad, cannot enter the password, cannot switch VT, cannot ctrl-alt-del or ctrl-alt-backspace (but power button halts the system nicely). I confirmed that this is due to the SUID flag. Is it really a security risk to allow switching VTs? I guess we are not supposed to have an open shell in a VT while working in X. Also when there are two instances of slimlock running it is not possible to enter the password to unlock the second one, and the only way is to switch VT to kill it (probably should have filed a bug in addition to improving my script to ensure that it never starts twice slimlock). |