On Thu, 6 Mar 1997, Alexander O. Yuriev wrote:
> Recently once again an exploit for SuperProbe was posted to the
> bugtraq. That message was forwarded to linux-security and Rogier Wolff
> rejected it on the basis of the author of the SuperProbe (David Wexelblatt)
> comment that it was never intended to be suid.
That seems like a reasonable reason to reject postings to linux-security
... until you realise that the XFree86 team's *own* distribution installs
SuperProbe setuid to root:
steve@hilbert{steve}tar tvzf /usr/src/XF86/X32bin.tgz |grep SuperProbe
-rws--x--x root/root 60048 Oct 27 05:28 1996 bin/SuperProbe
> In general, there is absolutely no reason for programs that are
> supposed to be run only by root to be suid to root!
Agreed. And I may be too credulous here, but it seems to me that if
anyone should know which X clients need to be setuid to root, it would be
the XFree team!
On the other hand, besides the aforementioned superprobe, xterm and xload,
the XFree distribution includes something called 'dga', also setuid root.
The only obvious documentation about it is the manpage which says it's a
test program for some X extension, and that's it. I removed the setuid
bit from this at once, because I knew I wasn't going to use it, and I am
always suspicious of anything that says it's a test program.
SuperProbe didn't trigger the same sort of suspicion in my mind. Given
that it is known to be bad, and known to be setuid root in the canonical
distribution, I'd rather have the postings let through to linux-security.
(And, for that matter, sent to XFree86)
[Mod: Please check your distributions and squash suid bit on SuperProbe and
dga. There is no reason for users to run those programs unless they are
system administrators, in which case, they should acquire enough privileges
to run those programs using other methods -- alex]
--
Steve Robbins <steve@nyongwa.montreal.qc.ca>
If mashed potatoes were security guards, they wouldn't get much done.
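The check Steve ran against X32bin.tgz and the moderator's advice to squash the suid bit, as an added shell example that is not part of the thread: one function scans a `tar tv` listing for setuid/setgid entries (the sample listing is constructed, modelled on the line quoted above), and a second clears the setuid bit on named programs under a directory you supply (the install directory is an assumption, since the thread only shows the tarball path).

```shell
# Added example, not from the thread. Audit a tar listing for setuid/setgid
# entries, the check Steve ran on X32bin.tgz generalised to a whole archive.
# Usage: tar tvzf X32bin.tgz | setuid_entries
setuid_entries() {
    # tar -tv prints a mode string first, e.g. -rws--x--x. An 's' or 'S' in
    # the owner-execute slot (position 4) means setuid, in the group-execute
    # slot (position 7) setgid. Print the path (last field) of each match.
    awk '{
        mode = $1
        if (substr(mode, 4, 1) ~ /[sS]/ || substr(mode, 7, 1) ~ /[sS]/) print $NF
    }'
}

# Constructed sample listing in the format shown in the thread; not the real
# contents of any XFree86 archive.
SAMPLE_LISTING='-rws--x--x root/root 60048 Oct 27 05:28 1996 bin/SuperProbe
-rwxr-xr-x root/root 12345 Oct 27 05:28 1996 bin/xdpyinfo
-rwsr-xr-x root/root 23456 Oct 27 05:28 1996 bin/dga
-rwxr-sr-x root/root 34567 Oct 27 05:28 1996 bin/xload'

# Report the setuid/setgid entries of the constructed listing.
audit_sample() {
    printf '%s\n' "$SAMPLE_LISTING" | setuid_entries
}

# Clear the setuid bit on the named programs under DIR, as the moderator
# asked for SuperProbe and dga. DIR is wherever your distribution installed
# the X binaries (assumed; the thread does not show it). Only files that are
# actually setuid are touched, so re-running is harmless.
# Usage: squash_suid /path/to/X/bin SuperProbe dga
squash_suid() {
    dir=$1; shift
    for name in "$@"; do
        f="$dir/$name"
        if [ -u "$f" ]; then
            chmod u-s "$f" && echo "cleared setuid on $f"
        fi
    done
}
```

On an installed tree, `find DIR -perm -4000 -type f -ls` gives the same inventory for files already on disk, which is worth running after every X upgrade since the distribution reinstates the bit.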