Re: is it a security problem in Mandrake 9.1???
From: Christopher Nehren (email@example.com)
Date: Mon, 21 Apr 2003 13:10:45 -0400
To: Navtej Singh <email@example.com>

On Mon, 2003-04-21 at 01:14, Navtej Singh wrote:
> when you are logged on as a normal user... click on an rpm
> file that is to be installed. It asks for the root
> password... after installation, click on any other rpm that is
> to be installed and it goes on smoothly without the root
> password... that is, once root authenticates himself
> with the grpmi he remains authenticated for the whole session??
> Do you think it is a security problem??? I suppose, though not too
> serious, it is a security flaw and should be corrected...

I'm -assuming- that you're using Mandrake's default GUI (since you never
mentioned anything concerning a GUI at all, besides things that you need
a GUI to do), which is KDE. KDE uses a password caching system for their
su utility (that thing which asks you for root password), kdesu. This
stores the password for a preset period of time (10 or 20 minutes,
IIRC), by default, unless you change it. When this password is stored,
the authenticated user can do -anything- that root could do (remove
files (e.g. libc.so, ld.so, your kernel), reboot the system, etc., etc.
...). GNOME has a similar mechanism (which, if that's what you're using,
also apparently supports caching from what you've described).

If you're really worried about security, you should completely disable
this setting for all but one account, and disable the caching. Or you
could do an even better job and use the command line, removing the GUI
tool (which probably has holes anyway) and trusting the much older (i.e.
mature, robust, secure) routines in su or sudo or the like. Think of the
GUI authentication methods like a box set in temporary Windows mode --
the user can do anything they want, including removing files necessary
for the operation of the system.

It's not really a security hole in Mandrake, but Mandrake also doesn't
make it any more secure by providing such a streamlined method for
potential crackers to obtain full access to your system. Please do some
reading about user authentication techniques -- and -please- get out of
the habit of having the GUI do it all for you. Just last week (week
before?) there was a security hole found in KDE (specifically
KGhostview, if memory serves). When was the last hole found in su?