kcheckpass SUID

To: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Subject: kcheckpass SUID
From: Eric Reischer <emr@engr.de.psu.edu>
Date: Mon, 19 Jul 2004 09:16:28 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.53.0407190910060.26912@gonzo.de.psu.edu>

In the documentation for kcheckpass, it states that in order for the
program to work properly on shadow systems, it needs to be SUID root.  In
the version that comes with sarge (all I've checked thus far), it is not.

I know it ends up using PAM anyway, and returns successful using that auth
method, however it proves to be a problem for (the few) people like me who
use programs like SNARE to monitor system activity.  When, for instance,
a non-root user attempts to unlock the screen saver, SNARE throws a
security warning stating that the user made an attempt to open
/etc/shadow.  After making kcheckpass SUID as recommended, the warnings
went away.

I can fix the problems myself on a per-machine basis, but I thought the
developers should be aware of this as it may save some other people a few
headaches.


Eric

*********************************************************************
Eric Reischer                                 emr@engr.de.psu.edu
"The most beautiful thing we can experience
is the mysterious."                    -- Albert Einstein
*********************************************************************

Reply to:

Prev by Date: kdenonbeta/kdedebian/kapture/libcapture
Next by Date: kdenonbeta/kdedebian/kapture/libcapture
Previous by thread: Processed: reassign 260214 to kdebase
Next by thread: Bug#260325: korganizer: Very fragile on AMD64
Index(es):
- Date
- Thread