[Bug 206676] New: YaST > Network Services > Remote Administration allows EVERYBODY to shutdown the machine or kill the X-server
https://bugzilla.novell.com/show_bug.cgi?id=206676

Summary: YaST > Network Services > Remote Administration allows EVERYBODY to shutdown the machine or kill the X-server
Product: SUSE Linux 10.1
Version: Final
Platform: i686
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: YaST2
AssignedTo: bnc-team-screening@forge.provo.novell.com
ReportedBy: danielstefanmader@web.de
QAContact: jsrain@novell.com

While experimenting with the VNC capabilities of YaST I had to learn that with default settings on KDM the enabled Remote Administration gives *everybody* access to the shutdown/reboot/X-restart options of the display manager. These options should be disabled for any remote access via VNC *by default*, since there is no password protection at this level at all. Any option to control the privileges of local and remote users in that respect should be conveniently accessible from this YaST module, too.

-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=206676

aj@novell.com changed:
  AssignedTo: bnc-team-screening@forge.provo.novell.com -> kde-maintainers@suse.de
https://bugzilla.novell.com/show_bug.cgi?id=206676

wstephenson@novell.com changed:
  AssignedTo: kde-maintainers@suse.de -> yast2-maintainers@suse.de

------- Comment #1 from wstephenson@novell.com 2006-09-21 02:43 MST -------
Can you change DISPLAYMANAGER_SHUTDOWN in /etc/sysconfig/displaymanager to 'root' when enabling VNC?
https://bugzilla.novell.com/show_bug.cgi?id=206676

fehr@novell.com changed:
  AssignedTo: yast2-maintainers@suse.de -> mzugec@novell.com

------- Comment #2 from fehr@novell.com 2006-09-21 02:56 MST -------
Reassigned to maintainer of yast2-network
https://bugzilla.novell.com/show_bug.cgi?id=206676

------- Comment #3 from danielstefanmader@web.de 2006-09-21 06:22 MST -------
> Can you change DISPLAYMANAGER_SHUTDOWN in /etc/sysconfig/displaymanager to 'root' when enabling VNC?

If I remember correctly I have tried to change the default value to root, but to no success. Anyway -- it says in the description of that option:

  Determine who will be able to shutdown or reboot the system in kdm and gdm. Valid values are: "root" (only root can shutdown), "all" (everybody can shutdown), "none" (nobody can shutdown from displaymanager), "auto" (follow System/Security/Permissions/PERMISSION_SECURITY to decide: "easy local" is equal to "all", everything else is equal to "root"). Note that remote user can never shutdown in GDM.

So no remote user should ever be able to shutdown, which is a sensible default value. Unfortunately it doesn't work -- and having to tweak deeply buried settings in sysconfig in order to make the system secure doesn't appeal to me either. Sounds so much like Redmond in my ears :)
https://bugzilla.novell.com/show_bug.cgi?id=206676

danielstefanmader@web.de changed:
  Severity: Normal -> Major
  Priority: P5 - None -> P2 - High

------- Comment #4 from danielstefanmader@web.de 2006-09-29 02:00 MST -------
Hello again, I found the time to investigate some more. Setting YaST > Security and Users > Local Security to "Networked Workstation" and enabling Remote Administration still offers shutdown/reboot options to _everybody_ in KDM -- even though the /etc/sysconfig settings in Desktop > Display manager > DISPLAYMANAGER_SHUTDOWN claim this should only be possible for root! Imho this really is a security issue since it allows for a DoS attack without actually having to attack :) There should be no shutdown options offered to remote users by default, no matter what the security settings are, unless otherwise set by the admin. Since nobody seems to care I will set the severity of this bug to major and the priority to P2. Please feel free to readjust in case necessary.
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  AssignedTo: mzugec@novell.com -> kmachalkova@novell.com
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  Status: NEW -> NEEDINFO
  Info Provider: (none) -> wstephenson@novell.com

------- Comment #5 from kmachalkova@novell.com 2006-10-16 07:29 MST -------
Daniel, I don't know why it doesn't work for you, but if I changed DISPLAYMANAGER_SHUTDOWN to 'root', kdm prompted me for the root password when trying to shutdown the machine, both locally and remotely. Of course, one needs to restart kdm ('rckdm restart') after such a change. Maybe you could also try (as a temporary workaround) to go to KDE Control Centre > System Administration > Login Manager > Shutdown and set local and remote shutdown privileges there. That should definitely work. But I agree this needs to be resolved somehow, since the YaST remote administration module does not offer any option to state who can remotely shutdown the machine. Now there are two things: the sysconfig variable DISPLAYMANAGER_SHUTDOWN and KDE's own settings in /opt/kde3/share/config/kdm/kdmrc. I don't know how all these work together at the end and how kdm tells local and remote shutdown apart. Will, can you please comment? (or reassign to whomever is responsible for kdm stuff)
https://bugzilla.novell.com/show_bug.cgi?id=206676

------- Comment #6 from danielstefanmader@web.de 2006-10-16 08:06 MST -------
Hi, I very much think the above description *does* work for me, too (DISPLAYMANAGER_SHUTDOWN set to 'root'). Unfortunately this is very uncomfortable for local users, and the 'auto' setting should take care of it in a better way: shutdown possible for locals but not for remote users. Additionally, this is not the default option for a fresh install, so I think that enabling Remote Administration without tweaking sysconfig is like shooting off your leg. I was trying to see if the auto option works any better, but for some reason I can no longer access 5901 and get a grey window only (VNC display sharing on 5900 and KDE's built-in Desktop Sharing work... *confused*). I double and triple checked sysconfig and firewall settings but to no success. Any idea what is going wrong here?
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  Info Provider: wstephenson@novell.com -> kde-maintainers@suse.de

------- Comment #7 from kmachalkova@novell.com 2006-10-17 05:54 MST -------
Reassigning request for info to kde-maintainers
https://bugzilla.novell.com/show_bug.cgi?id=206676

wstephenson@novell.com changed:
  Info Provider: kde-maintainers@suse.de -> coolo@novell.com

------- Comment #8 from wstephenson@novell.com 2006-10-17 06:37 MST -------
Sorry coolo, you are It in this case.
https://bugzilla.novell.com/show_bug.cgi?id=206676

------- Comment #9 from kmachalkova@novell.com 2006-11-01 08:57 MST -------
Ping, coolo. Any news here?
https://bugzilla.novell.com/show_bug.cgi?id=206676

coolo@novell.com changed:
  Status: NEEDINFO -> ASSIGNED
  Info Provider: coolo@novell.com -> (none)

------- Comment #10 from coolo@novell.com 2006-11-02 01:38 MST -------
Just reading through it, this can hardly be the case for a default system (as in no build service packages). Because /opt/kde3/share/config/SuSE/default/kdmrc has AllowShutdown=Root for * and only for :* (local displays) it will allow LocalShutdown from sysconfig. So far I thought this is a 10.2 alpha bug.
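An added audit script (not part of this bug report, and not SUSE's or KDE's code) that checks the two sources comment #3 and comment #10 describe: it resolves DISPLAYMANAGER_SHUTDOWN from sysconfig ('auto' following PERMISSION_SECURITY as the sysconfig description states) and reads AllowShutdown from the kdmrc sections [X-*-Core] (all displays) and [X-:*-Core] (local displays), then reports whether non-root remote users could shut the machine down. The sample files are constructed; the rule that [X-:*-Core] overrides [X-*-Core] for local displays only, and the fallback to kdm's default 'All' when a key is missing, are assumptions of this script.

```python
import configparser
import re
from typing import Dict, Tuple

# Constructed samples of /etc/sysconfig/displaymanager and /etc/sysconfig/security.
SYSCONFIG_DM = 'DISPLAYMANAGER_SHUTDOWN="auto"\n'
SYSCONFIG_SECURITY = 'PERMISSION_SECURITY="easy local"\n'
# Constructed kdmrc fragment: [X-*-Core] applies to every display,
# [X-:*-Core] only to local displays such as :0 (comment #10).
KDMRC = """\
[X-*-Core]
AllowShutdown=Root

[X-:*-Core]
AllowShutdown=All
"""

def sysconfig_value(text: str, key: str) -> str:
    """Return the value of KEY="value" (or KEY=value) from sysconfig text, '' if absent."""
    m = re.search(r'^\s*%s\s*=\s*"?([^"\n]*)"?\s*$' % re.escape(key), text, re.M)
    return m.group(1).strip() if m else ""

def resolve_sysconfig_shutdown(dm_text: str, security_text: str) -> str:
    """Map DISPLAYMANAGER_SHUTDOWN to root/all/none as the sysconfig description says:
    'auto' is 'all' only when PERMISSION_SECURITY is 'easy local', else 'root'."""
    value = sysconfig_value(dm_text, "DISPLAYMANAGER_SHUTDOWN").lower() or "auto"
    if value == "auto":
        easy = sysconfig_value(security_text, "PERMISSION_SECURITY") == "easy local"
        return "all" if easy else "root"
    return value

def kdm_shutdown_policy(kdmrc_text: str) -> Tuple[str, str]:
    """Return (local, remote) AllowShutdown values, lower-cased.
    Assumptions: remote displays use [X-*-Core]; local displays use [X-:*-Core] when
    present and fall back to [X-*-Core]; a missing key means kdm's default 'All'."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case (AllowShutdown)
    cp.read_string(kdmrc_text)
    remote = cp.get("X-*-Core", "AllowShutdown", fallback="All").lower()
    local = cp.get("X-:*-Core", "AllowShutdown", fallback=remote).lower()
    return local, remote

def audit(dm_text: str, security_text: str, kdmrc_text: str) -> Dict[str, str]:
    """Combine both sources; 'remote_risk' is 'yes' when any remote user may shut down."""
    local, remote = kdm_shutdown_policy(kdmrc_text)
    return {"sysconfig": resolve_sysconfig_shutdown(dm_text, security_text),
            "kdm_local": local, "kdm_remote": remote,
            "remote_risk": "yes" if remote == "all" else "no"}
```

Run it against the real files by replacing the constructed strings with their contents; a 'yes' in remote_risk is the condition the reporter describes, and kdm must be restarted after any change for the result to apply.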
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  Status: ASSIGNED -> NEEDINFO
  Info Provider: (none) -> danielstefanmader@web.de

------- Comment #11 from kmachalkova@novell.com 2006-11-08 03:29 MST -------
Daniel, please enable remote administration in YaST and then try to configure the kdm login manager (KDE Control Centre > System Administration > Login Manager > Shutdown) so that you allow local shutdown for everybody and remote shutdown for root only. If remote shutdown by a non-root user still works for you then, I'll reassign this to the KDE team. So far, I don't know how YaST could handle this because there are several login managers and no way to let YaST know which one (kdm? gdm? xdm?) the user uses.
https://bugzilla.novell.com/show_bug.cgi?id=206676

------- Comment #12 from danielstefanmader@web.de 2006-11-09 07:11 MST -------
Hi, sorry that I can't help and try, but as stated in comment #6 I can no longer access my computer on port 5901 at all. I get "unable to connect to host: Connection refused (10061)" in the vncclient on Windows. Sharing X via Xorg works (albeit I still cannot use spaces in passwords, as described in a bug report which is closed already). I have no idea what I am doing wrong, the respective firewall ports are open!
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  Status: NEEDINFO -> ASSIGNED
  Info Provider: danielstefanmader@web.de -> (none)
https://bugzilla.novell.com/show_bug.cgi?id=206676

kmachalkova@novell.com changed:
  Status: ASSIGNED -> RESOLVED
  Resolution: (none) -> WORKSFORME

------- Comment #13 from kmachalkova@novell.com 2006-11-09 07:29 MST -------
If you think that VNC being no longer accessible is a bug, please open a different bug report. I'll close this one as worksforme, since I'm unable to reproduce. Please reopen if you see the problem again.