Review Request 113518: KDM/KFrontend: Avoid potentially exploitable privilege dropping

Martin Bříza mbriza at redhat.com
Thu Jan 2 15:29:10 GMT 2014



> On Nov. 5, 2013, 6:54 p.m., Oswald Buddenhagen wrote:
> > what exploit do you have in mind?

Originally I submitted it to avoid leaving supplemental groups assigned to the process, but it's not necessary in this case... discarding.


- Martin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/113518/#review43117
-----------------------------------------------------------


On Jan. 2, 2014, 3:28 p.m., Martin Bříza wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/113518/
> -----------------------------------------------------------
> 
> (Updated Jan. 2, 2014, 3:28 p.m.)
> 
> 
> Review request for kde-workspace and Oswald Buddenhagen.
> 
> 
> Repository: kde-workspace
> 
> 
> Description
> -------
> 
> Initialize the user's groups in between calling setegid and seteuid to have the correct supplemental groups in place.
> 
> 
> Diffs
> -----
> 
>   kdm/kfrontend/kgreeter.cpp 1bddab5 
> 
> Diff: https://git.reviewboard.kde.org/r/113518/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Martin Bříza
> 
>
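
The ordering given in the quoted description (setegid, then initgroups, then seteuid), written out as an added example that is not part of this thread or of kgreeter.cpp. All function names are hypothetical, and `staleGroups` is an added check for supplemental groups left over after the switch.

```cpp
// Added example; not code from kgreeter.cpp. Function names are hypothetical.
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>
#include <algorithm>
#include <cstdio>
#include <vector>

// Groups attached to the process that the target user is not entitled to.
std::vector<gid_t> staleGroups(const std::vector<gid_t> &current,
                               const std::vector<gid_t> &allowed)
{
    std::vector<gid_t> stale;
    for (gid_t g : current)
        if (std::find(allowed.begin(), allowed.end(), g) == allowed.end())
            stale.push_back(g);
    return stale;
}

// Current supplementary group list of this process.
std::vector<gid_t> processGroups()
{
    int n = getgroups(0, nullptr);
    if (n <= 0) return {};
    std::vector<gid_t> groups(n);
    n = getgroups(n, groups.data());
    groups.resize(n < 0 ? 0 : n);
    return groups;
}

// Switch the effective identity: setegid, then initgroups, then seteuid.
// Returns 0 on success, -1 on failure (the caller should treat that as fatal).
int switchEffectiveUser(const struct passwd *pw)
{
    if (setegid(pw->pw_gid) != 0) return -1;
    // Needs the privileged effective uid: after seteuid() has dropped it,
    // initgroups() fails and the previous supplemental groups stay attached.
    if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
    return seteuid(pw->pw_uid) == 0 ? 0 : -1;
}

int main()
{
    // Constructed sample: leftover groups {0, 10} beside the user's {1000, 27}.
    std::vector<gid_t> stale = staleGroups({0, 10, 1000, 27}, {1000, 27});
    std::printf("stale groups in constructed sample: %zu\n", stale.size());
    return 0;
}
```

After a successful `switchEffectiveUser`, passing `processGroups()` and the user's expected group list to `staleGroups` should return an empty vector.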



More information about the kde-core-devel mailing list