On Mon, Nov 06, 2006 at 10:31:04AM +0100, Christoph Thiel wrote: > Christian, many thanks for sharing these with us! > > On Sun, Nov 05, 2006 at 08:32:57PM +0100, Christian Boltz wrote: > > > My candidates: > > > > https://bugzilla.novell.com/show_bug.cgi?id=216485 > > opensuse-updater shows error message in tooltip > > zypp-checkpatches-wrapper does not get the suid-root bit if running with > > permissions.secure. This makes opensuse-updater unuseable. > > Please reconsider the settings for permissions.secure (or remove zmd > > when running with permissions.secure - I consider its broken permission > > concept more critical ;-) > > Let's get the security teams point of view here.
Rational: You likely do not want users to be able to run system administrator tasks in "secure" mode at all, without root password protection. It should probably not start opensuse-updater then. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
