Control: severity -1 normal
Control: close -1
Am 27.07.2017 um 17:53 schrieb mviereck:
> Package: policykit-1
> Version: 0.105-18
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Dear Maintainer,
>
> If an unprivileged user is member of group sudo, he can achieve
Processing control commands:
> severity -1 normal
Bug #869922 [policykit-1] policykit-1: members of group sudo become root with
pkexec while ignoring /etc/sudoers
Severity set to 'normal' from 'grave'
> close -1
Bug #869922 [policykit-1] policykit-1: members of group sudo become root with
Package: policykit-1
Version: 0.105-18
Severity: grave
Tags: security
Justification: user security hole
Dear Maintainer,
If an unprivileged user is member of group sudo, he can achieve unrestricted
root privileges with pkexec
and his user password (instead of root password). This happens
3 matches
Mail list logo