kdesudo
Thiago Macieira
thiago at kde.org
Mon Feb 23 22:23:35 GMT 2009
Alex Merry wrote:
>On Monday 23 February 2009 05:34:26 John Tapsell wrote:
>> A point brought up during the whole .desktop security problem, is
>> kdesudo. It only prompts for the password once, and then from then on
>> (for next X minutes), doesn't ask for the password again.
>>
>> So a program that wants to become root only has to wait until kdesudo
>> has been run normally, and then can run kdesudo itself, elevating
>> itself to root without the user knowing.
>
>This is a general problem with sudo. Even if we worked around it in
> kdesudo, an application could still call sudo directly after such an
> event, unless the sudoers file sets the timeout to 0, as Pau mentioned.
In other words, the moment that the trojan is executing, you're already
compromised.
We have to protect against the point of entry. And the user shouldn't use
superuser more than strictly necessary.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20090223/a8851676/attachment.sig>
More information about the kde-core-devel
mailing list