Re: setuid binary in ktsuss

To: Yves-Alexis Perez <corsac@debian.org>
Cc: debian-security@lists.debian.org
Subject: Re: setuid binary in ktsuss
From: Russ Allbery <rra@debian.org>
Date: Sat, 09 Feb 2008 14:13:30 -0800
Message-id: <[🔎] 87tzkhbwxh.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 1202591134.8252.7.camel@hidalgo> (Yves-Alexis Perez's message of "Sat\, 09 Feb 2008 22\:05\:34 +0100")
References: <[🔎] 1202591134.8252.7.camel@hidalgo>

Yves-Alexis Perez <corsac@debian.org> writes:

> I'm about to upload ktsuss to debian, wich is a graphical wrapper around
> su (much like gksu but without any gnome dependency). One point puzzles
> me, the ktsuss binary is setuid root (so it can read the root password).
> gksu doesn't do this (it calls su, I guess).

I would expect it to use PAM, which uses the setuid unix_chkpwd binary.
If it's not using PAM, that's probably a bug.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: setuid binary in ktsuss
  - From: Hubert Chathi <uhoreg@debian.org>

References:
- setuid binary in ktsuss
  - From: Yves-Alexis Perez <corsac@debian.org>

Prev by Date: setuid binary in ktsuss
Next by Date: Re: setuid binary in ktsuss
Previous by thread: setuid binary in ktsuss
Next by thread: Re: setuid binary in ktsuss
Index(es):
- Date
- Thread