Bugtraq mailing list archives
Re: XDM bug
From: abelits () phobos illtel denver co us (Alex Belits)
Date: Fri, 3 Jan 1997 18:06:40 -0800
On Fri, 3 Jan 1997, jamie wrote:
> On Thu, 2 Jan 1997, Angel Ortiz wrote:
> [...]
> > System: UNIX Ware systems with X
> >
> > Symptom:
> > /usr/X/bin/xdm is setuid
> [...]
> > Any way, please verify xdm setuid on your systems and please let the
> > bugtraq news group know if it exists on other systems.
>
> BSDi 2.1 is also not vulnerable. Even if it was suid, this problem can be
> (briefly) alleviated by popping it in your respective /etc/rc.* file as
> opposed to starting it as a user.
And what is the reason to start xdm as a user? I can understand why some perverted minds may want a setuid X server (not that I think it's any smart), but xdm? The user will still get the login box anyway, and there won't be a way to stop xdm unless it remains attached to the terminal (which is insecure)... xdm is a server other users may depend on, and if there are no other possible users, there won't be any need to start xdm manually anyway.

It's the same as, say, having a setuid root inetd that won't start from the startup script and will be used by regular users to enable network services. Or setuid root ftpd, so users will be able to enable FTP access... Or httpd... Or sendm... Oops, this one exists, even though the only thing it needs to do as root is listen on its port 25 and setuid to users to write mailboxes, which could be safely done by a separate small program always running as root, but this is a separate issue.

--
Alex
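The original poster asks readers to verify whether xdm is installed setuid on their own systems. The following is an added example, not code from the thread or from any of its posters: a small POSIX sh audit that reports the setuid/setgid bits on a list of candidate binaries. The xdm paths listed at the bottom are assumptions about where different X distributions of the era installed it; adjust them for your system.

```sh
#!/bin/sh
# Added example (not from the original thread): report setuid/setgid bits
# on a list of binaries, as a quick check for the xdm problem discussed above.

# is_setuid PATH -> exit status 0 if the setuid bit is set, 1 otherwise
is_setuid() {
    [ -u "$1" ]
}

# is_setgid PATH -> exit status 0 if the setgid bit is set, 1 otherwise
is_setgid() {
    [ -g "$1" ]
}

# audit_setuid PATH... -> prints an ls -l line for every existing file that
# carries setuid or setgid; returns 0 if none were found, 1 if any were.
# Nonexistent paths are skipped silently so a list of candidates can be passed.
audit_setuid() {
    found=0
    for f in "$@"; do
        [ -e "$f" ] || continue
        if is_setuid "$f" || is_setgid "$f"; then
            ls -l "$f"
            found=1
        fi
    done
    return $found
}

# Candidate xdm locations (assumed paths, not taken from the thread except
# the UnixWare one, /usr/X/bin/xdm). A setuid hit here means xdm should be
# stripped of the bit and started from the rc scripts as root instead.
audit_setuid /usr/X/bin/xdm /usr/X11R6/bin/xdm /usr/bin/X11/xdm /usr/bin/xdm \
    || echo "setuid/setgid xdm found; consider starting it from /etc/rc.* instead"
```

The check uses only the shell's `-u` and `-g` file tests, so it runs on any POSIX sh without relying on `find -perm` syntax, which varied between systems of that period.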
Current thread:
- XDM bug Angel Ortiz (Jan 02)
- <Possible follow-ups>
- Re: XDM bug Steve \ (Jan 03)
- Re: XDM bug jamie (Jan 03)
- Re: XDM bug Alex Belits (Jan 03)
- serious security bug in wu-ftpd v2.4 Aleph One (Jan 04)
- Re: serious security bug in wu-ftpd v2.4 Wietse Venema (Jan 04)
- Buffer overflow in the query cgi. Apropos of Nothing (Jan 04)
- Re: Buffer overflow in the query cgi. Thomas H. Ptacek (Jan 04)
- Re: XDM bug jamie (Jan 03)
- Re: XDM bug Mr. ManX (Jan 03)