Samsung driver security hole
I read about this on Slashdot:
http://it.slashdot.org/article.pl?sid=07/07/18/0319203 I was wondering if the problem is with the installer or the driver itself? I had tried the driver from Samsung at first using the provided disk but I didn't like the way it ran. It had itself as lp and I wanted it to be in my list of drivers in CUPS. I also had noticed that the Samsung driver was owned by lp and the other printer drivers I have are owned by root. So I uninstalled the Samsung driver and found a way to manually install the driver using the instructions on linuxprinting.org (http://www.linuxprinting.org/show_pr...amsung-CLP-510) and I was able to add and manage my printer using CUPS and it now shows up in the list of printers as "SamsungCLP510" rather than "lp". Do I still have to worry about this possible security hole? |
According to the CVE candidate, it's the installer.
Quote:
You can see which file's perms it altered by looking at the installer script. |
I just downloaded the driver and took a quick look at the installer.
Found these commented lines: Code:
# wrap_setuid_third_party_application xsane |
I looked at the installer (the version I have is: 20070424151034937_UnifiedLinuxDriver) and this is what I saw:
Code:
wrap_setuid_third_party_application() { Code:
wrap_setuid_third_party_application xsane Code:
unwrap_setuid_third_party_application() { I looked at xsane and xscanimage and saw that they are owned by root and their permissions are set to what the majority of the other apps are set to: -rwxr-xr-x. I guess I don't have to worry then? |
Yeah, the version I got was 20070720152943906 (2.00.97).
Maybe post the output of this command so we can see which of your binaries are SUID: Code:
find / -type f -perm +4000 |
So, this is the result of that command (carried out as myself not as root):
Code:
/bin/su |
Any of the mentioned binaries appear in there? I took a quick look and didn't see any but it's hard to tell with all those permission denieds. Why don't you run it as root to make it clearer?
|
I did the command again as root like you said and I didn't see any mention of xscanimage, xsane, soffice, swriter, scalc, or simpress.
|
All times are GMT -5. The time now is 06:54 AM. |