http://bugzilla.novell.com/show_bug.cgi?id=523006
User lnussel@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=523006#c4
Ludwig Nussel changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |security-team@suse.de
--- Comment #4 from Ludwig Nussel 2009-07-20 05:55:04 MDT ---
Doesn't make me less nervous at all :-)
I guess that group tape comes from debian. I also guess that the admin intends
to put users in that group to allow additional access to tape drives only. So
abusing that group to also allow access to setuid binaries that potentially
allow full root access is not that smart. I'd suggest to use a separate group
for the (root equivalent) amanda user and use the tape group only as
supplemental group to gain access to tape drives.
So without full security audit I'd change the entries in the permission files
from root:disk to root:amanda.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.