** Description changed:
I have set up a number of user accounts. On one of these accounts I
adjusted the user privileges (System->Administration->Users and
Groups->Properties->User Privileges). For one particular user I de-
selected the two options:
- * Connect to Internet using a modem
- * Connect to wireless and ethernet networks
+ * Connect to Internet using a modem
+ * Connect to wireless and ethernet networks
However, despite disabling access to the internet, the user is still
able to connect to the internet through a wireless connection.
I am assuming that this is a security vulnerability, because the
intention is to deny access and this doesn't occur.
I am using Ubuntu 8.10
+
+ ----
+
+ Policykit has been introduced without supporting the unix groups. (used
+ by admins and set up by the installer)
+
+ i.e. It is possible to create a policy that just said "yes" rather than
"auth_*" where the default was "no", for anyone in the netdev group
+ so theiy could do it without a password.
+
+ -> we should ship PolicyKit config files that make use of these groups.
** Tags added: regression
** Summary changed:
- policykit breaking unix user/group privileges
+ policykit introduction broke unix user/group privileges
** Changed in: policykit-1 (Ubuntu)
Status: Invalid => Confirmed
--
policykit introduction broke unix user/group privileges
https://bugs.launchpad.net/bugs/326135
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
