Bugtraq mailing list archives

Re: gtk+ security hole.


From: Joe <joe () blarg net>
Date: Thu, 4 Jan 2001 11:33:46 -0800

This is going to quickly get out of hand I think, but my 2 cents...

On Wed, 3 Jan 2001, Bryan Porter wrote:

> I'm sorry, but this seems a bit much for me. My car has tires, and because
> the tires are kind of bad and over-engineered, I shouldn't drive over 10MPH
> because they might explode? What? Fix the tires. Same thing here.

Analogies are always bad. This one more so than most. A wheel is, by
definition, a required element for driving a car. A GUI is not required for
most programs and definitely should be avoided when writing suid
programs. Suid programs should be as lean and mean as possible.

> "Don't make GTK+ program suid/setgid because it's based on another project
> with multiple potential vulnerabilities." Absolutely ridiculous. "Our tires
> suck because we bought cheap rubber." What?

No - to try my hand at bad analogies, it's more like buying a set of
candy-glass tires because the tires are pretty. Go ahead and take those
candy-glass tires out on the freeway if you want, but when you crash and
burn don't come crying to us.

> Bottom line, if GTK+ is broken, fix it. And if it can't safely run suid,
> then it is horribly broken. It's a graphic library for Christ's sake.

Precisely - don't write suid programs with crap you don't absolutely have to
have. I think the GTK team's response is more than appropriate. Anybody that
wants to include a half-million lines of someone else's code into their suid
programs does so at their own risk.

--
Joe                                     Technical Support
General Support:  support () blarg net     Blarg! Online Services, Inc.
Voice:  425/401-9821 or 888/66-BLARG    http://www.blarg.net
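The practical check that follows from this post's argument (keep GUI toolkits out of the dependency closure of setuid/setgid programs) is to audit a system for privileged binaries that pull in one. The script below is an added example, not code from the thread or from the GTK+ project. It assumes binutils `readelf` is available, and the soname fragments in GUI_LIB_PATTERN are an assumed list of what counts as a GUI toolkit; the sample dependency listings are constructed, not captured from a real machine.

```shell
#!/bin/sh
# Added example (not from the original thread): find setuid/setgid executables
# whose direct shared-library dependencies include a GUI toolkit.

# Assumed list of soname fragments that indicate a GUI toolkit dependency.
GUI_LIB_PATTERN='libgtk|libgdk|libX11|libqt'

# classify_deps TEXT
#   TEXT is dependency output (readelf -d NEEDED lines or ldd output).
#   Prints "GUI-LINKED" if any GUI toolkit library appears, else "lean".
classify_deps() {
    if printf '%s\n' "$1" | grep -Eiq "$GUI_LIB_PATTERN"; then
        echo "GUI-LINKED"
    else
        echo "lean"
    fi
}

# gui_libs TEXT
#   Prints just the matching library names, space separated, for a report line.
gui_libs() {
    printf '%s\n' "$1" | grep -Ei "$GUI_LIB_PATTERN" \
        | grep -Eio '[A-Za-z0-9_.+-]*(libgtk|libgdk|libX11|libqt)[A-Za-z0-9_.+-]*' \
        | tr '\n' ' '
}

# audit_suid_gui [ROOT]
#   Walks ROOT (default /) for setuid/setgid regular files and reports the
#   ones that are GUI-linked. readelf only parses the file, so unlike ldd it
#   never executes any part of the binary being inspected. Only direct
#   NEEDED entries are examined; transitive dependencies are not followed.
audit_suid_gui() {
    find "${1:-/}" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while read -r bin; do
        deps=$(readelf -d "$bin" 2>/dev/null | grep NEEDED) || continue  # skip static/non-ELF
        if [ "$(classify_deps "$deps")" = "GUI-LINKED" ]; then
            printf '%s: %s\n' "$bin" "$(gui_libs "$deps")"
        fi
    done
}

# Constructed sample dependency listings (not from a real system).
SAMPLE_LEAN=' 0x0000000000000001 (NEEDED)  Shared library: [libc.so.6]'
SAMPLE_GUI=' 0x0000000000000001 (NEEDED)  Shared library: [libgtk-3.so.0]
 0x0000000000000001 (NEEDED)  Shared library: [libgdk-3.so.0]
 0x0000000000000001 (NEEDED)  Shared library: [libc.so.6]'

# Run with --audit [ROOT] to scan a real filesystem; default is the offline demo.
if [ "${1:-}" = "--audit" ]; then
    audit_suid_gui "${2:-/}"
else
    printf 'lean sample: %s\n' "$(classify_deps "$SAMPLE_LEAN")"
    printf 'gui  sample: %s (%s)\n' "$(classify_deps "$SAMPLE_GUI")" "$(gui_libs "$SAMPLE_GUI")"
fi
```

Anything the audit reports is a candidate for the treatment the post describes: split the privileged part into a small helper with no GUI dependency, and keep the toolkit in the unprivileged front end.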
