Date: Wed, 24 Oct 2001 19:06:10 -0400 From: Harry Tabak <htabak@quadtelecom.com> To: Frank Tobin <ftobin@neverending.org> Cc: Will Andrews <will@physics.purdue.edu>, security@FreeBSD.ORG Subject: Re: KCheckPass -- make it setuid root or not? Message-ID: <3BD74962.9900EF9F@quadtelecom.com> References: <20011019133826.O4565-100000@palanthas.neverending.org>
next in thread | previous in thread | raw e-mail | index | archive | help
A modest suggestion! Warning messages during make() which explain why an expected feature won't work, do not necessarily reach the intended audience. For instance, some people build their systems from binaries. Therefore one of the following decisions need to be made: a) setuid executables are a necessary evil, and therefore kcheckpass is built setuid. b) setuid executables are absolutely evil, remove kcheckpass and programs that depend on it. c) fence straddle. Leave it to the user, but modify kscreensaver so that it will not lock the the system unless kcheckpass can unlock the screen! Display a GUI message explaining the problem when this occurs. - Harry Tabak Quad Telecom, Inc. Frank Tobin wrote: > > Will Andrews, at 12:07 -0500 on 2001-10-19, wrote: > > OK, so I keep getting mail every now and then from people who can't > figure out why kcheckpass / kscreensaver won't authenticate their > password(s). It's because I decided to play it safe and made > kcheckpass non setuid root, which it needs in order to call > getpwnam(). > > Why would you choose to make it non setuid root? Isn't the warning that > is associated with all setuid-installed programs enough? Not installing > it setuid-root would be like installing sudo without setuid; it's > pointless without the bit set. > > You can't count on the warning messages to get to the user; if someone > goes to ports/x11/kde2, and does "make install", the message is going to > be buried in the middle of compiling kdelibs, kdebase, kdemultimedia, > kdenetwork, etc. > > -- > Frank Tobin http://www.neverending.org/~ftobin/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BD74962.9900EF9F>