Re: XDM bug
Alex Belits (abelits phobos.illtel.denver.co.us)
Fri, 3 Jan 1997 18:06:40 -0800
On Fri, 3 Jan 1997, jamie wrote:

> :On Thu, 2 Jan 1997, Angel Ortiz wrote:
> :[...]
> :> System: UNIX Ware systems with X
> :>
> :> Symptom:
> :> /usr/X/bin/xdm is setuid
> :[...]
> :> Any way, please verify xdm setuid on your systems and please let the
> :> bugtraq news group know if it exists on other systems.
>
> BSDi 2.1 is also not vulnerable. Even if it was suid, this problem can
> be (briefly) alleviated by popping it in your respective /etc/rc.* file as
> opposed to starting it as a user.
>

And what is the reason to start xdm as user? I can understand why some perverted minds may want a setuid X server (not that I think it's any smart), but xdm? The user will still get the login box anyway, and there won't be a way to stop xdm unless it remains attached to the terminal (which is insecure)... xdm is a server other users may depend on, and if there are no other possible users, there won't be any need to start xdm manually anyway.

It's the same as, say, having a setuid root inetd that won't be started by the startup script and will be used by regular users to enable network services. Or setuid root ftpd, so users will be able to enable FTP access... Or httpd... Or sendm... Oops, this one exists, even though the only thing it needs to do as root is listening on its port 25 and setuid to users to write mailboxes, which could be safely done by a separate small program, always running as root, but this is a separate issue.

--
Alex