Why is su preserving the environment?



Hi,

it has been brought to my attention (through #512803) that su does not
clean the environment at all. This has several security implications:
      * variables like PERL5LIB or GTK_MODULES can be passed to another
        user, leading to unwanted execution of code;
      * variables like DBUS_SESSION_BUS_ADDRESS or XDG_SESSION_COOKIE
        export authentication information that could be used to obtain
        private information such as passwords in gnome-keyring.

Before I work around this specific issue in the fugliest way, shouldn’t
we prevent su from preserving the environment?

There have been several security advisories related to sudo not cleaning
the environment, and the final call has been to make env_reset the
default. Is there any reason why su should not be considered vulnerable
the same way?

Cheers,
-- 
 .''`.
: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

Attachment: signature.asc
Description: This is a digitally signed message part
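
The allowlist approach behind an env_reset-style default, as an added example that is not part of the original message and is not su's or sudo's code: start from an empty environment and re-add only named variables. The `ALLOWED` list, the fixed `PATH` and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Allowlist of variables carried across the identity change.
# Assumption for illustration; not the list su or sudo actually uses.
ALLOWED="TERM LANG LC_ALL"

# Exit 0 if the variable name $1 is on the allowlist.
is_allowed() {
    for _a in $ALLOWED; do
        [ "$_a" = "$1" ] && return 0
    done
    return 1
}

# Print the names of all environment variables in this process.
# awk's ENVIRON avoids parsing `env` output, which breaks on multi-line values.
env_names() {
    awk 'BEGIN { for (k in ENVIRON) print k }' | sort
}

# Print the names that run_clean would not pass on (PATH is reset, not kept).
dropped_names() {
    env_names | while IFS= read -r _n; do
        is_allowed "$_n" || printf '%s\n' "$_n"
    done
}

# Run "$@" in an empty environment plus the allowlisted variables and a fixed PATH.
run_clean() {
    _argc=$#
    for _v in $ALLOWED; do
        eval "_set=\${$_v+x}"            # non-empty only if the variable is set
        if [ -n "$_set" ]; then
            eval "_val=\$$_v"
            set -- "$@" "$_v=$_val"      # append NAME=VALUE after the command
        fi
    done
    # Rotate the original command words behind the NAME=VALUE pairs.
    _i=0
    while [ "$_i" -lt "$_argc" ]; do
        set -- "$@" "$1"
        shift
        _i=$((_i + 1))
    done
    env -i PATH=/usr/sbin:/usr/bin:/sbin:/bin "$@"
}

# Usage: run_clean perl -e 'print "PERL5LIB=$ENV{PERL5LIB}\n"'
```

Running `dropped_names` before an identity change lists everything the caller's session would otherwise hand to the target user, including the variables named in the message.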
