Date: Mon, 10 Apr 1995 14:39:14 -0300
From: Harlan Stenn <Harlan.Stenn@pfcs.com>
To: terry@cs.weber.edu (Terry Lambert)
Cc: jkh@freefall.cdrom.com, kuku@gilberto.physik.rwth-aachen.de, joerg_wunsch@uriah.heep.sax.de, freebsd-current@freefall.cdrom.com
Subject: Re: should su retain ${DISPLAY}
Message-ID: <18547.797539154@mumps.pfcs.com>
In-Reply-To: terry@cs.weber.edu's message dated Mon, 10 Apr 1995 11:31:02. <9504101731.AA24214@cs.weber.edu>

Me> The short version of my comment on DISPLAY and "su -" is that I'd
Me> usually prefer that it be there for me. Since I don't get this
Me> behavior by default, I don't know about any times I'd prefer that it
Me> didn't happen.

Terry> I believe that allowing a root credentialed process to open a
Terry> window on an X terminal without going through the authentication
Terry> protocol once again (this time with the new credentials)
Terry> represents a probable security hole.

Maybe I'm being dense.

Anybody can point the DISPLAY variable wherever they want. Where is the
connection (no pun intended) between passing the DISPLAY variable and
the authentication protocol?

And while I didn't say it originally, if I'm going to "su -" at all, I
usually do it to a non-root user (like when I run backups as the backup
user).

H