Hi David, Le vendredi 20 mars 2009 à 22:23 +0100, David Paleino a écrit : > CCing -devel, as I'd need some advice on how to properly handle this, as it > might introduce some security issues.
I drop -devel from cc as I won't bring anything interesting for them I guess... > On Mon, 16 Mar 2009 08:29:52 +0100, Julien Valroff wrote: > > > Package: wicd > > Version: 1.5.9-4 > > Severity: normal > > > > Hi David, > > Hello Julien, > > > I have just noticed sudo needs to be installed and configure to be able to > > run /usr/share/wicd/configscript.py > > Well, well... I don't see any reference to sudo in that script: > > ---8<--- > if __name__ == '__main__': > if os.getuid() != 0: > print "Root privileges are required to configure scripts. Exiting." > sys.exit(0) > main(sys.argv) > --->8--- > > so, it "just" needs root privileges. Also: > > $ grep sudo /usr/share/wicd/* > $ Sorry, I hadn't checked the code. Here is what I can see from ps after clicking "scripts": julien 4330 0.4 2.5 23744 12896 ? S 08:16 0:00 /usr/bin/gksudo -m You must enter your password to configure scripts /usr/share/wicd/configscript.py 0 wireless root 4331 0.0 0.2 3868 1248 ? Ss 08:16 0:00 /usr/bin/sudo -H -S -p GNOME_SUDO_PASS -u root -- /usr/share/wicd/configscript.py 0 wireless Now, I have a dialog telling me the root rights were given without asking for a password. Then, nothing happens and I have to kill wicd-client. After relaunching wicd-client, I get the password dialog, asking me for *my* password. And I get an error "Impossible to laucnh /usr/share/wicd/configscript.py '0' 'wireless' as root" (it mentions sudo in the long description below), and I have the following line in my auth.log: Mar 21 08:19:20 hestia sudo: julien : command not allowed ; TTY=unknown ; PWD=/usr/share/wicd ; USER=root ; COMMAND=/usr/share/wicd/configscript.py 0 wireless sudo is installed in my system, but configured for only a bunch of commands. I would rather not configure it for this. Cheers, Julien -- Membre de l'April - « promouvoir et défendre le logiciel libre » - http://www.april.org Rejoignez maintenant plus de 4 000 personnes, associations, entreprises et collectivités qui soutiennent notre action -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org