Mailinglist Archive: opensuse-bugs (8034 mails)
| < Previous | Next > |
[Bug 227511] opensuseupdater doesn't authenticate to http proxy
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Tue, 12 Dec 2006 03:35:37 -0700 (MST)
- Message-id: <20061212103537.BFBFEF7B@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=227511
dmacvicar@xxxxxxxxxx changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |NEEDINFO
Info Provider| |mludvig@xxxxxxxxxxxx
------- Comment #5 from dmacvicar@xxxxxxxxxx 2006-12-12 03:35 MST -------
Comment #3 is incorrect.
Please forget about the applet. The applet is dumb. The real guilty here is a
binary the applet launches.
This binary is run by the user, but the bnary has the suid bit on (+s).
I think the bug could be that, HOME is defined in this case as the user's home,
but zypp still looks if the curl file is owned by root. I mean, this implies
zypp is not taking the case where a user runs a suid program linked to it.
Michal, can you please chown /home/mludvig/.curlrc to root but give permissions
to others to read?
I want:
mludvig@zofka:~> ls -l .curlrc
-rw-r--r-- 1 root users 31 2006-12-12 14:33 .curlrc
and see if it works.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
dmacvicar@xxxxxxxxxx changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |NEEDINFO
Info Provider| |mludvig@xxxxxxxxxxxx
------- Comment #5 from dmacvicar@xxxxxxxxxx 2006-12-12 03:35 MST -------
Comment #3 is incorrect.
Please forget about the applet. The applet is dumb. The real guilty here is a
binary the applet launches.
This binary is run by the user, but the bnary has the suid bit on (+s).
I think the bug could be that, HOME is defined in this case as the user's home,
but zypp still looks if the curl file is owned by root. I mean, this implies
zypp is not taking the case where a user runs a suid program linked to it.
Michal, can you please chown /home/mludvig/.curlrc to root but give permissions
to others to read?
I want:
mludvig@zofka:~> ls -l .curlrc
-rw-r--r-- 1 root users 31 2006-12-12 14:33 .curlrc
and see if it works.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
| < Previous | Next > |