
Re: ${HOME} vs. g_get_home_dir ()

On Thu, Sep 27, 2012 at 11:53:36PM +0200, Josselin Mouette wrote:
> On Thursday, 27 September 2012 at 14:39 -0700, Josh Triplett wrote:
> > Agreed entirely.  In particular, it breaks the very common use case of
> > running a program with sudo.  "sudo foo" leaves $HOME set to the user's
> > home directory rather than root, so that foo will use the same
> > configuration either way.  
> This is a bug in sudo. There can be very dangerous things in $HOME (such
> as scriptable application configuration files), and they should clearly
> be ignored in favor of those of root.

Since the user has already run sudo, I don't see a problem.  If you can add
a scriptable config file, you can arrange for that "sudo" to be a wrapper
over "/usr/bin/sudo".

> > A user can then use sudo -H or sudo -i if
> > they want a more rootish environment.  Other programs that don't respect
> > $HOME include ssh, which forces ugly workarounds like this:
> > sudo ssh -o UserKnownHostsFile=$HOME/.ssh/known_hosts ...
> This is desired. Allowing the use of another user’s known_hosts, which can
> have been fiddled with, is dangerous.

YOUR known_hosts?  What Josh mentioned is using /home/you rather than /root;
if someone else can fiddle with your known_hosts and you can run arbitrary
commands through sudo, you're screwed already as files in .ssh tend to be
more secure than most other files.

Copyright and patents were never about promoting culture and innovations;
from the very start they were legalized bribes to give the king some income
and to let businesses get rid of competition.  For some history, please read
