Bug#474024: gksu: locking mouse/keyboard not enough to protect against keylogging
Timo Juhani Lindfors
timo.lindfors at iki.fi
Sat May 3 11:32:23 UTC 2008
Hi,
Josselin Mouette <joss at debian.org> writes:
> Indeed, gksu should be made setgid something to protect against such
> attacks.
Hmm, is this really worth it? Couldn't the malicious process next just
do
1) cp /usr/bin/gksudo /tmp/bin/gksudo
2) ptrace POKETEXT all potential parents of gksudo to call
/tmp/bin/gksudo instead
What if gksudo showed a "personalized greeting text" that only the
local user knows? This way the user could detect if she/he is actually
talking to the real setgid gksudo that can read the "secret" greeting
from disk. (Of course normal people are way too lazy to set up something
like this.)
best regards,
Timo Lindfors
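The personalized-greeting idea from the message above, sketched as an added example (not gksu code and not part of the original message): a setgid prompt helper shows the greeting only if the file's metadata proves ordinary user processes cannot read it, which is what a copy placed in /tmp/bin, lacking the setgid bit, could not reproduce. The function names, the root-owned file and the dedicated group are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 only if ordinary user processes cannot read or replace the greeting:
 * regular file, expected owner and group, no group-write bit and no
 * permission bits at all for "other". */
int greeting_is_private(const struct stat *st, uid_t owner, gid_t group)
{
    if (!S_ISREG(st->st_mode)) return 0;
    if (st->st_uid != owner || st->st_gid != group) return 0;
    if (st->st_mode & (S_IWGRP | S_IRWXO)) return 0;
    return 1;
}

/* Copies the greeting into buf (NUL-terminated); returns its length, or -1
 * if the file cannot be opened or fails the privacy check. */
ssize_t read_greeting(const char *path, uid_t owner, gid_t group,
                      char *buf, size_t len)
{
    struct stat st;
    ssize_t n = -1;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);   /* refuse a symlinked path */
    if (fd < 0) return -1;
    /* Check the descriptor we read from, not the path, so the file cannot
     * be swapped between the check and the read. */
    if (len > 0 && fstat(fd, &st) == 0 && greeting_is_private(&st, owner, group))
        n = read(fd, buf, len - 1);
    close(fd);
    if (n >= 0)
        buf[n] = '\0';
    return n;
}

int main(int argc, char **argv)
{
    char greeting[256];
    /* Assumed layout: file owned by root, group = this helper's setgid group. */
    if (argc < 2 || read_greeting(argv[1], 0, getegid(), greeting, sizeof greeting) < 0) {
        fprintf(stderr, "greeting missing or not private; not prompting\n");
        return 1;
    }
    printf("%s\n", greeting);
    return 0;
}
```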