[PD] Pd-0.39.2-extended-rc4 released on ubuntu

Miller Puckette mpuckett at imusic1.ucsd.edu
Fri Jul 13 05:18:47 CEST 2007


Pd does a "seteuid(setuid())" to un-get root priveliges if run as
setuid, after its priority gets promoted, so that it runs as the
user who started it.  But there are apparently loopholes, as Mathieu
has found.

I'm trying to repeat Frank's trick with /etc/security/limits.conf, so
far without success, but if that works it would be much preferable
to making Pd setuid root.

cheers
Miller

On Thu, Jul 12, 2007 at 10:40:49PM -0400, Hans-Christoph Steiner wrote:
> 
> On Jul 12, 2007, at 6:52 PM, Frank Barknecht wrote:
> 
> > Hallo,
> > Hans-Christoph Steiner hat gesagt: // Hans-Christoph Steiner wrote:
> >
> >> On Jul 12, 2007, at 3:18 PM, Mathieu Bouchard wrote:
> >>
> >>> Last year I demonstrated that it is possible to make a very small
> >>> external that gives root access to the whole pd process. This
> >>> vulnerability only affects Miller's pd, including pd-0.41-0test04
> >>> (which is the absolute latest). I have fixed that problem during
> >>> devel_0_39 and carried it into the desiredata branch.
> >>>
> >>> This problem is largely theoretical so far, as it requires an
> >>> external to play with the setuid/seteuid commands. I can't think of
> >>> any external that does that, except the small test that I made for
> >>> the purpose of verifying my claim.
> >>>
> >>> I haven't looked much for other possible breaches of root access.
> >>
> >> This is only possible if you are running Pd as root, which is general
> >> is not a good idea.  If Pd is running as a different user, then you
> >> wouldn't be able to gain root access.
> >
> > Matju can comment better, but AFAIR in my tests his external also
> > worked with a setuid root Pd started as a normal user. You can check
> > this with the code, it's somewhere in the bug tracker.
> >
> > Anyways, making /usr/bin/pd setuid is not necessary anyway, as I wrote
> > in another mail.
> 
> "setuid root" means that the process will always run as root, no  
> matter who starts it.  So it's the same as running pd as root.
> 
> .hc
> 
> >
> > Ciao
> > -- 
> >  Frank Barknecht                 _ ______footils.org_ __goto10.org__
> >
> > _______________________________________________
> > PD-list at iem.at mailing list
> > UNSUBSCRIBE and account-management -> http://lists.puredata.info/ 
> > listinfo/pd-list
> 
> 
> 
> ------------------------------------------------------------------------ 
> ----
> 
> I have the audacity to believe that peoples everywhere can have three  
> meals a day for their bodies, education and culture for their minds,  
> and dignity, equality and freedom for their spirits.      - Martin  
> Luther King, Jr.
> 
> 
> 
> _______________________________________________
> PD-list at iem.at mailing list
> UNSUBSCRIBE and account-management -> http://lists.puredata.info/listinfo/pd-list




More information about the Pd-list mailing list