On Mon, 6 Nov 2000, Geir Torstein Kristiansen wrote:
> Geir Torstein Kristiansen wrote:
> >
> > I *really* don't like the way blackbox runs arbitrary shell commands in
> > themes.
> >
> > There should be a standard way to set backgrounds that doesn't involve
> > the shell commands.
> >
> > Exploit:
> >
> > Malicous themes could contain nasty commands like: rootCommand: rm -rf
> > $HOME and the like.
> >
> > Imagine if blackbox is run as root, and you have a theme that contains
> > stuff like rootCommand: echo
> > "root:crypt-password:0:0:root:/root:/bin/bash" >>/etc/passwd; bsetroot
> > <normal stuff>
> >
> > And they wouldn't know what hit'em because everything will appear
> > normal, and the bg will be set.
> >
> > Note that I haven't bothered to test these.
>
> It's gone about one week now since I asked this question on the list. I
> am wondering if the blackbox developers have anything to say about this.
> Is this something that is on your TODO list for future blackbox versions
> or is it something that you don't care about at all?
>
i'll say something about this.
first of all, there's no cause for concern if you simply audit your style
files before using them. it's a very easy thing, nothing more than
'grep -i rootcommand <style>'
secondly, if you run x as root, you deserve what you get.
i don't really see this as being a problem. there is potential danger in
just about anything you install on your unix/unix-like system. do you
always look through the source code you compile to check for back doors or
destructive shell commands? if you use binaries, are you sure you can
trust the people who compiled them? how paranoid do you want to be?
somewhere along the line you are trusting someone, and most of the time
your trust is well-placed. with blackbox style files, you don't even have
to trust, because you can easily check them yourself.
that's my take on it.
cheers,
cthulhain
-- 4.0k -rw-rw-r-- 1 zork zork 17 Apr 4 17:38 .signature
