Hello,
Hans-Christoph Steiner wrote:
> On Jul 12, 2007, at 3:18 PM, Mathieu Bouchard wrote:
>
> > Last year I demonstrated that it is possible to make a very small
> > external that gives root access to the whole pd process. This
> > vulnerability only affects Miller's pd, including pd-0.41-0test04
> > (which is the absolute latest). I have fixed that problem during
> > devel_0_39 and carried it into the desiredata branch.
> >
> > This problem is largely theoretical so far, as it requires an
> > external to play with the setuid/seteuid commands. I can't think of
> > any external that does that, except the small test that I made for
> > the purpose of verifying my claim.
> >
> > I haven't looked much for other possible breaches of root access.
>
> This is only possible if you are running Pd as root, which in general
> is not a good idea. If Pd is running as a different user, then you
> wouldn't be able to gain root access.

Matju can comment better, but AFAIR in my tests his external also worked with a setuid root Pd started as a normal user. You can check this with the code, it's somewhere in the bug tracker. Anyways, making /usr/bin/pd setuid is not necessary anyway, as I wrote in another mail.

Ciao
-- 
Frank Barknecht           _ ______footils.org_ __goto10.org__
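As an added example (not code from Pd or from anyone in this thread): one way a setuid-root launcher can give up root for good and verify, before loading any external, that the setuid/seteuid calls mentioned above can no longer restore it. The function names are hypothetical, and the sketch assumes Linux semantics, where `setuid()` called with effective UID 0 also resets the saved set-user-ID.

```c
/* Added example, not Pd source. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if this process is root or can become root again.
 * A saved set-user-ID of 0, as left behind by a seteuid()-only drop,
 * lets any code loaded into the process call seteuid(0) successfully. */
int root_is_regainable(void)
{
    uid_t before = geteuid();
    if (before == 0)
        return 1;
    if (seteuid(0) == 0) {
        /* Root came back: undo the probe and report it. */
        if (seteuid(before) != 0)
            _exit(1);
        return 1;
    }
    return 0;
}

/* Drop to uid/gid permanently. The group goes first, because after
 * setuid() the process may no longer be allowed to change it.
 * Returns 0 on success, -1 if any step fails or root is still reachable
 * (for instance because an earlier seteuid() meant setuid() only changed
 * the effective UID). */
int drop_privileges_permanently(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    if (uid != 0 && root_is_regainable())
        return -1;
    return 0;
}

int main(void)
{
    /* Any setup that really needs root would happen before this point. */
    if (drop_privileges_permanently(getuid(), getgid()) != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("uid=%ld euid=%ld root_regainable=%d\n",
           (long)getuid(), (long)geteuid(), root_is_regainable());
    /* Only now is it safe to load third-party code. */
    return 0;
}
```

A full launcher would also clear supplementary groups with `setgroups()` while it is still root; that step is left out here.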
