MightyE wrote:

> If anything I'd call this a security consideration of Escape Pod.
> Perhaps Escape Pod should try to talk to the process it's about to
> kill, and get its 'permission' for killing, and failing a timely
> response (2 secs?), drop the program. ScreenSaverEngine would have to
> be tailored to respond to such a request.
>
> On Linux, doesn't xscreensaver run as root? Wouldn't this be another
> option here (I'm admittedly unfamiliar with Mac OS X), preventing
> Escape Pod from even being capable of terminating the screensaver
> process? Or does Escape Pod also run as root?
>
> If you ask me, Escape Pod owes it to their users to develop the
> product in such a way so as to not nullify reasonable security measures
> on the part of the OS, even if that's an option to never terminate
> processes named ScreenSaverEngine.
>
> -MightyE
>

You read my mind on this one. However, one of the complaints I've heard about having xscreensaver as a SUID root binary is that an exploitable vulnerability (buffer overflow, et al) in the xscreensaver binary could allow an attacker even greater elevated privileges (much worse than simply killing ScreenSaverEngine)... a solution to this would be running the ScreenSaverEngine SUID some other user (like, oh, maybe "screensaver")... and that should stop a usermode program from killing the screensaver.

Unless, as you mentioned, that usermode program were running as SUID root - in which case I'd have to ask: Why in the name of $DEITY are you running a program that can kill any process on the screen as root?!?

-Barry

p.s. I don't have a Mac OS X system on hand nor do I have access to one. I have no way to test the plausibility of this solution on that particular system. :)
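
Added example, not part of either message and not code from Escape Pod or any screensaver: a small C model of the POSIX kill(2) permission rule that the dedicated-user idea depends on, showing when a process started by the logged-in user can still signal a set-user-ID screensaver. The uids and helper names are constructed for illustration, and the model assumes the platform applies the POSIX rule unchanged.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed uids for illustration; not taken from any real system. */
#define ROOT  0u
#define ALICE 501u   /* the logged-in user */
#define SAVER 250u   /* hypothetical dedicated "screensaver" account */

struct creds { unsigned ruid, euid, suid; };  /* real, effective, saved uid */

/* POSIX kill(2): a privileged sender always passes; otherwise the sender's
 * real or effective uid must equal the target's real or saved set-user-ID. */
bool may_signal(struct creds s, struct creds t) {
    if (s.euid == ROOT) return true;
    return s.ruid == t.ruid || s.ruid == t.suid ||
           s.euid == t.ruid || s.euid == t.suid;
}

/* exec of a set-user-ID file: effective and saved uid become the file owner,
 * while the real uid stays that of the user who launched it. */
struct creds exec_setuid(struct creds c, unsigned owner) {
    c.euid = owner;
    c.suid = owner;
    return c;
}

/* Models the program calling setreuid(geteuid(), geteuid()) after start-up,
 * so that no id of the launching user remains on the process. */
struct creds drop_real_uid(struct creds c) {
    c.ruid = c.euid;
    c.suid = c.euid;
    return c;
}

int main(void) {
    struct creds user = { ALICE, ALICE, ALICE };     /* ordinary user program */
    struct creds suid_saver = exec_setuid(user, SAVER);
    struct creds full_saver = drop_real_uid(suid_saver);
    struct creds root_tool  = exec_setuid(user, ROOT);

    printf("user -> plain screensaver:       %d\n", may_signal(user, user));
    printf("user -> SUID saver, ruid kept:   %d\n", may_signal(user, suid_saver));
    printf("user -> SUID saver, all ids set: %d\n", may_signal(user, full_saver));
    printf("SUID-root tool -> any saver:     %d\n", may_signal(root_tool, full_saver));
    return 0;
}
```

In this model the set-user-ID bit alone leaves the launching user's real uid on the process, so the signal is still permitted until the program also changes its real uid.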
This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 13:33:14 PDT