----- Forwarded message from [EMAIL PROTECTED] ----- > From: [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > X-Mailer: Mutt 1.0.1i > Date: Thu, 10 Aug 2000 16:05:51 -0300 > To: [EMAIL PROTECTED] > Subject: Conectiva Linux security announcement - usermode > > ---------------------------------------------------------------------- > CONECTIVA LINUX SECURITY ANNOUNCEMENT > ---------------------------------------------------------------------- > > PACKAGE : usermode > SUMMARY : Console users can obtain root privileges > DATE : 2000-08-10 > AFFECTED CONECTIVA VERSIONS : 4.0, 4.0es, 4.1, 4.2, 5.0, 5.1, e-commerce > and graphic tools > > > DESCRIPTION > The usermode package, along with pam_console, allows console users to > execute some privileged commands, like reboot or halt. It is required > that these users have shell and console access and that they provide > their password. > The shutdown command is one of those privileged commands, and console > users can issue this command to switch to runlevel 1, thus obtaining > root privileges. > > > SOLUTION > All users should upgrade immediately. The new usermode package does not > provide this funcionality for the shutdown command anymore. "reboot" and > "halt", among others, are still honored. > Administrators who do not want normal users to be able to execute these > commands at the console should remove the usermode package entirely. > > > DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES > ftp://atualizacoes.conectiva.com.br/4.0/i386/usermode-1.19-3cl.i386.rpm > ftp://atualizacoes.conectiva.com.br/4.0es/i386/usermode-1.19-3cl.i386.rpm > ftp://atualizacoes.conectiva.com.br/4.1/i386/usermode-1.19-3cl.i386.rpm > ftp://atualizacoes.conectiva.com.br/4.2/i386/usermode-1.19-3cl.i386.rpm > ftp://atualizacoes.conectiva.com.br/5.0/i386/usermode-1.19-3cl.i386.rpm > ftp://atualizacoes.conectiva.com.br/5.1/i386/usermode-1.19-3cl.i386.rpm > >ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/usermode-1.19-3cl.i386.rpm > >ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/usermode-1.19-3cl.i386.rpm > > > DIRECT LINK TO THE SOURCE PACKAGES > ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/usermode-1.19-3cl.src.rpm > ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/usermode-1.19-3cl.src.rpm > ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/usermode-1.19-3cl.src.rpm > ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/usermode-1.19-3cl.src.rpm > ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/usermode-1.19-3cl.src.rpm > ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/usermode-1.19-3cl.src.rpm > >ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/usermode-1.19-3cl.src.rpm > >ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/usermode-1.19-3cl.src.rpm > > > ---------------------------------------------------------------------- > > All packages are signed with Conectiva's GPG key. The key can be obtained at > http://www.conectiva.com.br/contato > > ---------------------------------------------------------------------- > subscribe: [EMAIL PROTECTED] > unsubscribe: [EMAIL PROTECTED] > > ----- End forwarded message ----- -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
