[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why is su preserving the environment?

Le samedi 24 janvier 2009 à 15:39 +0000, Matthew Johnson a écrit :
> > Clearly that’s not the case, since the original issue happens over
> > D-Bus. In this case, not for authentication, but clearly the application
> > launched as root can connect to the session bus.
> Well, clearly something else is going on because root can't connect to the
> session bus here, this is on Lenny. I'm also part of DBus upstream and AFAIK
> this part of the security policy has not changed:

You are pretty damn right. I thought it was a general D-Bus issue since
bonobo uses the session bus address, but it only uses it to define a
lock file for ORBit. So the problem actually lies in libbonobo - which
makes it much less important in scope. Thanks for your insight.

(I still think we shouldn’t keep such environment variables in processes
started with su, but given the other reactions I’m not willing to argue
more on this.)

: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

Attachment: signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=

Reply to: