aRts < 1.0.3 local root exploit
Dirk Mueller
mueller at kde.org
Mon Jul 8 13:16:59 BST 2002
Moin Stefan!
It seems the posting on bugtraq was a fake, there is no exploitable local
root. However, there are plenty of possibilities of local DoS attacks when
realtime scheduling is allowed and enabled.
The question is: Do we care?
Will we enhance security of arts for KDE 3.0.3 / 3.1?
Things like:
- refuse to run as root, setuid to nobody then or similar
- refuse to load player plugins from nonroot, different users
- fix the exploitable buffer overflows in arts
Should we recommend to disable realtime priority (i.e. remove the suid bit
on artswrapper)?
Should we make the non-suid artswrapper the default?
I'm preparing an advisory, so please reply ASAP :-)
Dirk
(Keep me on CC)