svgalib risks

[tibor simko]

>>>>> "jaroslav" == Jaroslav Benkovsky <benkovsk na pha.pvt.cz> writes:

    jaroslav> Ale
    jaroslav> funkce vga_init() ty prava ziskana pres SUID shazuje,
    jaroslav> takze kdyz se pouzije na zacatku, tak IMHO to potom
    jaroslav> nejde o moc vice exploitnout nez rozhodit obraz, ne?

pred casom na debian-devel mailingliste napisal joey hess toto:

  Of course, svgalib does give up suid root permissions when it
  initializes. However, there have been plenty of security problems in
  the past with suid games that waited too long to give up their suid
  root and were exploitable.

ps: jedna zaujimava alternativa k suidroot je ioperm, viacej na
http://www.inka.de/~bigred/sw/ioperm.txt...
-- 
tibor.simko na aleph.dpp.fmph.uniba.sk