[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: install screensaver with setuid root

On Sat, May 05, 2001 at 08:33:38PM +0200, Alex Suzuki wrote:
> On Sat, May 05, 2001 at 12:42:36PM -0500, John Hasler wrote:
> > Even if the application itself is free of buffer overflows and such you
> > would be granting root access to wads of unaudited and buggy library code.
> yeah, I guess you're right... too bad I love that screensaver :)

You should probably file a bug on the package, if it's not useable
without introducing a security risk.  Perhaps someone more familiar
with the code could seperate out the part that needs special
privileges into a seperate setuid program.


Subtlety is the art of saying what you think and getting out of the way
before it is understood.

Reply to: