http://bugzilla.novell.com/show_bug.cgi?id=523006 User lnussel@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=523006#c4 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de --- Comment #4 from Ludwig Nussel <lnussel@novell.com> 2009-07-20 05:55:04 MDT --- Doesn't make me less nervous at all :-) I guess that group tape comes from debian. I also guess that the admin intends to put users in that group to allow additional access to tape drives only. So abusing that group to also allow access to setuid binaries that potentially allow full root access is not that smart. I'd suggest to use a separate group for the (root equivalent) amanda user and use the tape group only as supplemental group to gain access to tape drives. So without full security audit I'd change the entries in the permission files from root:disk to root:amanda. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.