[Bug 221990] New: ZMD - Can identify that there are new updates without adding a priveledged user as it requests
https://bugzilla.novell.com/show_bug.cgi?id=221990 Summary: ZMD - Can identify that there are new updates without adding a priveledged user as it requests Product: SUSE Linux 10.1 Version: Final Platform: i386 OS/Version: SuSE Linux 10.1 Status: NEW Severity: Normal Priority: P5 - None Component: Update Problems AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: alpha096@tpg.com.au QAContact: jsrain@novell.com ZMD updater can identify when there are new updates on a cron (time) initiated event without adding a privileged user as it requests. The only advantage to granting it a root user authority seems to be its ability to check for updates on demand by clicking on refresh. The requirements for ZMD to have escalated privileges seems unclear. It seems it only requires root authority to add/delete software and check for updates on demand. The request that ZMD makes for root authority seems to be one of an optional requirement where the admin desires the user to add/delete software. I feel as most admins do not desire a user to have that authority to add/delete software so the request for root authority should be optional and the requirements and advantages made clear to the setup of ZMD and at time of root authority request. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=221990 aj@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |zlm-code10-bugs@forge.provo.novell.com |screening@forge.provo.novell| |.com | Component|Update Problems |Zenworks QAContact|jsrain@novell.com |jtariq@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=221990 alpha096@tpg.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #1 from alpha096@tpg.com.au 2007-01-30 20:19 MST ------- With ZMD in 10.2 once given root authority it performs a system patch update very soothly - so in short ZMD function as designed in 10.2 so I am happy to close this bug - However, permanently providing an application that is capable of deleting the entire installation is not an acceptable internal risk in 10.1 and 10.2. Is there an advantage in creating another authority user other than root for ZMD to operate. I feel unsettled ANY application having permenent root authority -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com