Review Request 117125: start_kdeinit: Use capabilities instead of SUID
Hrvoje Senjan
hrvoje.senjan at gmail.com
Thu May 29 12:57:26 UTC 2014
> On April 11, 2014, 6:46 p.m., Commit Hook wrote:
> > This review has been submitted with commit e898d13b430692e775060d49342181192e122fdf by Hrvoje Senjan to branch master.
>
> Hrvoje Senjan wrote:
> i've reverted the commit now. capabilities break LD_LIBRARY_PATH, so this is a no-go. apologies for potentially caused troubles =(
>
> Hrvoje Senjan wrote:
> hm, but we have worse situation with SUID (and LD_LIBRARY_PATH is also not propagated there). the process would terminate, as i wrote in diff2 changes. i wonder should OOM protection be removed entirely? at least with distribution side of things, it looks like we had it SUID on openSUSE; and from what i found, none of e.g. Arch, Fedora, Debian/Kubuntu, Gentoo has it this way...
>
> > I assume the same can be done with kcheckpass at some point too?
> missed this one. it would appear so, but i've just tried removing the sticky bits, and unlock works correctly (with KF5 based locker). so maybe not :)
>
> Alex Merry wrote:
> Actually, ArchLinux does have start_kdeinit setuid.
i see. i guessed wrongly then that other distros also need to adjust permissions by hand (as we do within .spec) in e.g. PKGBUILD's, debian/rules/install, etc.
- Hrvoje
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/117125/#review55468
-----------------------------------------------------------
On May 15, 2014, 11:12 p.m., Hrvoje Senjan wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/117125/
> -----------------------------------------------------------
>
> (Updated May 15, 2014, 11:12 p.m.)
>
>
> Review request for KDE Frameworks, Andreas Hartmetz and David Faure.
>
>
> Bugs: https://bugzilla.novell.com/show_bug.cgi?id=862953
> https://bugs.kde.org/show_bug.cgi?id=https://bugzilla.novell.com/show_bug.cgi?id=862953
>
>
> Repository: kinit
>
>
> Description
> -------
>
> The issue came up on security review of kinit package (yes, same is valid for kdelibs4...)
> SUSE security team is not happy with kdeinit being SUID helper, thus capabilities are utilized first (if available)
> I've just tried to integrate the suggested patch (from the report) with the CMake bits
>
>
> Diffs
> -----
>
> CMakeLists.txt 8bd43d8
> cmake/FindLibcap.cmake PRE-CREATION
> src/config-kdeinit.h.cmake c89c713
> src/start_kdeinit/CMakeLists.txt 6bfc496
> src/start_kdeinit/start_kdeinit.c 3c733e7
>
> Diff: https://git.reviewboard.kde.org/r/117125/diff/
>
>
> Testing
> -------
>
> Built:
> with setcap & libcap present - installed as advertised;
> without one/both of them - the old procedure is in place (using SUID for the helper)
>
> I am not sure how to test the OOM killer, fortunately it never kicked in kdelibs4 variant, so can't also say did it work as planned before...
>
>
> Thanks,
>
> Hrvoje Senjan
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20140529/962686f9/attachment.html>
More information about the Kde-frameworks-devel
mailing list