Control: severity -1 normal Control: close -1 Am 27.07.2017 um 17:53 schrieb mviereck: > Package: policykit-1 > Version: 0.105-18 > Severity: grave > Tags: security > Justification: user security hole > > Dear Maintainer, > > If an unprivileged user is member of group sudo, he can achieve unrestricted > root privileges with pkexec > and his user password (instead of root password). This happens regardless if > or if not package sudo is installed, > and regardless of existing or non-existing entries in /etc/sudoers. > > Command sudo and group sudo were designed to allow single privileged commands > for unprivileged users.
This is not correct. The default sudo config ships %sudo ALL=(ALL:ALL) ALL I.e., a user in group sudo can run every command with root privileges. > Instead, pkexec allows full root access for members of group sudo. > > I expect: > - pkexec does not regard group sudo. (clean way, unlinking polkit from sudo) > or > - pkexec regards entries in /etc/sudoers. (dirty way, pkexec should not be > mixed with sudo) > > (Not regarding group sudo would also avoid prompting non-sudo-group users for > passwords of sudo-group users) Granting root-like access via group sudo is intended and not a security hole and the policykit policy is in line with the sudo policy here. Regards, Michael
signature.asc
Description: OpenPGP digital signature