[Cooker] [Bug 1005] [msec] unable to reset TMOUT to 0

Fri, 07 Feb 2003 13:35:30 -0800 

https://qa.mandrakesoft.com/show_bug.cgi?id=1005





------- Additional Comments From [EMAIL PROTECTED]  2003-02-07 22:33 -------
I don't have the appropriate priv to confirm this bug, but if it can
make you any pleasure, I'll confirm it unofficially :-)
You'll also be pleased to learn that this behavious is by design,
as they say :-). From /usr/share/msec/libmsec.py :
def set_shell_timeout(val):
    '''  Set the shell timeout. A value of zero means no timeout.'''

    msec = ConfigFile.get_config_file(MSEC)

    if msec.exists():
        old = msec.get_shell_variable('TMOUT')
        if old != None:
            old = int(old)
    else:
        old = None

    # don't lower security when not changing security level
    if _same_level:
        if old != None and old > val:
            return

It's difficult to understand how lowering the timeout for the
shell is _lowering_ security, so this could be seen as a bug.
OTOH, you are trying to set it to 0; so you are indeed lowering
security.
Anyway, if the user set security through level.local, msec should
not try to second guess - but that's just my opinion.
Maybe something like that :
--- libmsec.py.orig     2003-02-03 09:14:43.000000000 +0100
+++ libmsec.py  2003-02-07 22:39:58.000000000 +0100
@@ -300,7 +300,7 @@
         old = None

     # don't lower security when not changing security level
-    if _same_level:
+    if not _interactive and _same_level:
         if old != None and old > val:
             return


But I am no msec expert.
I'll vote for this bug (I am not sure what voting is achieving
anyway, but that's a small gesture :-))






------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: UNCONFIRMED
creation_date: 
description: 
Step to reproduce.

1. create a file /etc/security/msec/level.local containing
from mseclib import *
set_shell_timeout(300)

2. set security by executing msec (no level to be specified)

3. look at /etc/sysconfig/msec and notice the line:
TMOUT=300

All is correct for now.

Now I want to reset TMOUT to 0.

4. I edit /etc/security/msec/level.local and change the line to:
set_shell_timeout(0)

5. execute 'msec' again

6. the line in /etc/sysconfig/msec is still the same 'TMOUT=300'
where it should be TMOUT=0

Reply via email to