Home page logo

bugtraq logo Bugtraq mailing list archives

Re: gtk+ security hole.
From: Kain <kain () CHAOSIUM NET>
Date: Wed, 3 Jan 2001 02:08:08 -0600

On Tue, Jan 02, 2001 at 04:13:58PM -0500, Rob Mosher wrote:
A simple fix to this would be to drop priveleges before calling
gtk_init(), another easy fix is to modify gtk itself, to do this you
need to make the following modification of gtkmain.c.  In gtk-1.2.8 its
at approximately line 215, you have:
Is this bug also in the glib/gtk 2 code?  Bad things could also be done with this by writing your own gtk-engine and 
putting your evil code to load in .gtkrc...

I'm no toolkit expert, but with the theming support in Qt2, does it have similar rendering-module support?

IMO, the best way to fix this would be to have libglib/gtk see if euid==0 and just ignore those variables on init, and 
quite possibly go so far as to ignore "engine" lines in .gtkrcs or maybe filter them....
Art is a lie which makes us realize the truth.
                -- Picasso
Evil Genius
Bryon Roche, Kain <kain () chaosium net>

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]