Major Security Hole In Samsung Linux Drivers 295
GerbilSoft writes with news of a major security hole in Samsung's proprietary Linux printer drivers. From the Ubuntu Forums: "Just to inform you about a recent post on the French Ubuntu forum about Samsung drivers (sorry, in French). [Google translation here.] It appears that Samsung unified drivers change rights on some parts of the system: After installing the drivers, applications may launch using root rights, without asking any password. What is more, you may be able to kill your system, by deleting system components, generally modifiable only by using sudo." GerbilSoft adds: "Among the programs that it sets as setuid-root are OpenOffice, xsane, and xscanimage."
Thank you! (Score:5, Funny)
What were they trying to do? (Score:2, Funny)
Windows ME(tm)(r) Security(tm)(r)(c)(*) now available on Linux, brought to you by Samsung(tm)(r)
Let me be the first to say... (Score:2, Funny)
Does anyone have _any_ idea why they did this?
Fortunately, I don't use the drivers supplied by Samsung for my printer. They are crap. The foomatic one works just fine, though.
Re:Time to Get Heavy (Score:3, Funny)