Re: gtk+ security hole.
From: Kain <kain () CHAOSIUM NET>
Date: Wed, 3 Jan 2001 02:08:08 -0600
On Tue, Jan 02, 2001 at 04:13:58PM -0500, Rob Mosher wrote:
> A simple fix to this would be to drop privileges before calling
> gtk_init(), another easy fix is to modify gtk itself, to do this you
> need to make the following modification of gtkmain.c. In gtk-1.2.8 it's
> at approximately line 215, you have:
Is this bug also in the glib/gtk 2 code? Bad things could also be done with this by writing your own gtk-engine and
putting your evil code to load in .gtkrc...
I'm no toolkit expert, but with the theming support in Qt2, does it have similar rendering-module support?
IMO, the best way to fix this would be to have libglib/gtk see if euid==0 and just ignore those variables on init, and
quite possibly go so far as to ignore "engine" lines in .gtkrcs or maybe filter them....
Art is a lie which makes us realize the truth.
Bryon Roche, Kain <kain () chaosium net>
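The two mitigations discussed in this thread (drop privileges before gtk_init(), and have the toolkit refuse module/engine loading when euid==0) as an added C example. This is illustration code written for this archive page, not Kain's, Rob Mosher's, or GTK's own code. It assumes that GTK_MODULES and GTK_RC_FILES are the environment variables the thread refers to, and the `engine` line check is a hypothetical line-based heuristic, not how GTK's rc parser actually works.

```c
#define _GNU_SOURCE
#include <ctype.h>
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Mitigation 1: a setuid program drops back to its real uid/gid before
 * calling into the toolkit, so that anything gtk_init() loads from the
 * environment runs without privilege.  Order matters: supplementary
 * groups and gid first, because they can only be changed while still
 * root; uid last.  Returns 0 on success, -1 if any step failed or if
 * root could still be regained afterwards. */
int drop_privileges(void)
{
    uid_t real_uid = getuid();
    gid_t real_gid = getgid();

    if (geteuid() == 0) {
        /* Clear supplementary groups so no root-only group leaks through. */
        if (setgroups(1, &real_gid) != 0)
            return -1;
    }
    if (setgid(real_gid) != 0)
        return -1;
    if (setuid(real_uid) != 0)
        return -1;

    /* Verification: if the real user is not root, regaining uid 0 must
     * now be impossible.  A saved-uid of 0 left behind would make the
     * drop cosmetic. */
    if (real_uid != 0 && (setuid(0) != -1 || geteuid() == 0))
        return -1;
    return 0;
}

/* Assumption for this example: these are the variables through which the
 * toolkit can be pointed at attacker-chosen shared objects or rc files. */
static const char *const unsafe_vars[] = { "GTK_MODULES", "GTK_RC_FILES", NULL };

/* Mitigation 2 (Kain's suggestion): when the effective uid is 0, ignore
 * those variables entirely.  euid is a parameter rather than read from
 * geteuid() so both branches can be exercised by a test.  Returns the
 * number of variables removed from the environment. */
int filter_module_env(uid_t euid)
{
    int removed = 0;
    if (euid != 0)
        return 0;               /* unprivileged: respect the user's settings */
    for (const char *const *v = unsafe_vars; *v != NULL; ++v) {
        if (getenv(*v) != NULL) {
            unsetenv(*v);
            ++removed;
        }
    }
    return removed;
}

/* Hypothetical heuristic for the "ignore engine lines in .gtkrc" idea:
 * returns 1 if the line, after leading whitespace, starts with the
 * keyword "engine" followed by whitespace or an opening quote.  A real
 * implementation would have to work inside the rc parser, since an
 * engine block spans several lines. */
int rc_line_names_engine(const char *line)
{
    while (*line != '\0' && isspace((unsigned char)*line))
        ++line;
    if (strncmp(line, "engine", 6) != 0)
        return 0;
    return line[6] == '\0' || isspace((unsigned char)line[6]) || line[6] == '"';
}

int main(void)
{
    if (drop_privileges() != 0) {
        fprintf(stderr, "privilege drop failed: %s\n", strerror(errno));
        return 1;
    }
    printf("running as uid %u, euid %u\n", (unsigned)getuid(), (unsigned)geteuid());
    printf("variables filtered for euid 0: %d\n", filter_module_env(0));
    printf("engine line? %d\n", rc_line_names_engine("  engine \"pixmap\" {"));
    return 0;
}
```

The privilege drop is what a setuid program would do itself before `gtk_init()`; the environment filter and the engine-line check are the kind of gate the thread proposes adding inside the toolkit's initialisation, placed before anything from the environment or an rc file is acted on.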