On Thu, 27 Jul 2017 at 18:00:27 +0200, Michael Biebl wrote:
> Granting root-like access via group sudo is intended and not a security
> hole and the policykit policy is in line with the sudo policy here.
This is also as documented in base-passwd, which is the central
authority on what the predefin
Control: severity -1 normal
Control: close -1
Am 27.07.2017 um 17:53 schrieb mviereck:
> Package: policykit-1
> Version: 0.105-18
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Dear Maintainer,
>
> If an unprivileged user is member of group sudo, he can achieve unrestr
Package: policykit-1
Version: 0.105-18
Severity: grave
Tags: security
Justification: user security hole
Dear Maintainer,
If an unprivileged user is member of group sudo, he can achieve unrestricted
root privileges with pkexec
and his user password (instead of root password). This happens regard
3 matches
Mail list logo