mailing list archives
Re: gtk+ security hole.
From: Joe <joe () blarg net>
Date: Thu, 4 Jan 2001 11:33:46 -0800
This is going to quickly get out-of-hand I think, but my 2 cents...
On Wed, 3 Jan 2001, Bryan Porter wrote:
I'm sorry, but this seems a bit much for me. My car has tires, and because
the tires are kind of bad and over-engineered, I should'nt drive over 10MPH
because they might explode? What? Fix the tires. Same thing here.
Analogies are always bad. This one more-so than most. A wheel is, by
definition, a required element for driving a car. A GUI is not required for
most programs and definitely should be avoided when writing suid
programs. Suid programs should be as lean and mean as possible.
"Don't make GTK+ program suid/setgid because it's based on another project
with multiple potential vulnerabilites." Absolutely ridiculous. "Our tires
suck because we bought cheap rubber." What?
No - to try my hand at bad analogies, it's more like buying a set of
candy-glass tires because the tires are pretty. Go ahead and take those
candy-glass tires out on the freeway if you want, but when you crash and
burn don't come crying to us.
Bottom line, if GTK+ is broken, fix it. And if it can't safely run suid,
then it is horribly broken. It's a graphic library for christs sake.
Precisely - don't write suid programs with crap you don't absolutely have to
have. I think the GTK team's response is more than appropriate. Anybody that
wants to include a half-million lines of someone elses code into their suid
programs does so at their own risk.
Joe Technical Support
General Support: support () blarg net Blarg! Online Services, Inc.
Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net