[Bug 1170169] New: AUDIT-FIND: enlightenment: enlightenment_system: /etc/enlightenment/sysactions.conf limitations are ineffective
http://bugzilla.suse.com/show_bug.cgi?id=1170169

Bug ID: 1170169
Summary: AUDIT-FIND: enlightenment: enlightenment_system: /etc/enlightenment/sysactions.conf limitations are ineffective
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: simonf.lees@suse.com
Reporter: matthias.gerstner@suse.com
QA Contact: qa-bugs@suse.de
CC: matthias.gerstner@suse.com, security-team@suse.de
Blocks: 1169238
Found By: ---
Blocker: ---

+++ This bug was initially created as a clone of Bug #1169238

f) /etc/enlightenment/sysactions.conf limitations are ineffective

There is a security mechanism implemented based on the file /etc/enlightenment/sysactions.conf. This file defines which users/groups are allowed to execute the `enlightenment_system` binary in the first place.

The `_etc_enlightenment_system_conf()` function parses this file. However, there seems to be a while or for loop body missing. Instead, only the first line of the file is ever parsed, which happens to be a comment line by default. The logic in the function defaults to "allow everything" if nothing else was determined.

Thus this security mechanism is currently ineffective and all users in the system can use the full functionality of the setuid-root program.

I suggest to deny access by default and correct the algorithm to correctly parse the configuration file.

--
You are receiving this mail because:
You are on the CC list for the bug.
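The defect pattern described in the report above, next to the suggested correction, as an added C example that is not code from enlightenment or from the bug report. The rule syntax (`allow user NAME` / `deny user NAME`), the sample policy and all function names are assumptions made for illustration, not the real sysactions.conf format.

```c
#include <stdio.h>
#include <string.h>

/* Constructed policy in a made-up syntax, not the real sysactions.conf format.
 * As in the default file the report describes, the first line is a comment. */
static const char CONF[] =
    "# who may run the privileged helper\n"
    "allow user alice\n"
    "deny user mallory\n";

/* Apply one line to *verdict; comments, blanks and unknown lines change nothing. */
static void apply_line(const char *line, const char *user, int *verdict)
{
    char name[64];
    if (sscanf(line, " allow user %63s", name) == 1 && strcmp(name, user) == 0)
        *verdict = 1;
    else if (sscanf(line, " deny user %63s", name) == 1 && strcmp(name, user) == 0)
        *verdict = 0;
}

/* Flawed shape: one line is read, there is no loop, and the default is allow. */
int allowed_first_line_only(const char *conf, const char *user)
{
    int verdict = 1;                      /* allow unless told otherwise */
    char line[128];
    snprintf(line, sizeof line, "%.*s", (int)strcspn(conf, "\n"), conf);
    apply_line(line, user, &verdict);     /* only ever sees the comment line */
    return verdict;
}

/* Corrected shape: every line is visited, the last matching rule wins,
 * and the default is deny. */
int allowed_all_lines(const char *conf, const char *user)
{
    int verdict = 0;                      /* deny unless a rule allows */
    char line[128];
    while (*conf) {
        size_t n = strcspn(conf, "\n");
        snprintf(line, sizeof line, "%.*s", (int)n, conf);
        apply_line(line, user, &verdict);
        conf += n + (conf[n] == '\n');    /* step past the newline, if any */
    }
    return verdict;
}

int main(void)
{
    const char *u[] = { "alice", "mallory", "bob" };
    for (int i = 0; i < 3; i++)
        printf("%s: first-line-only=%d all-lines=%d\n", u[i],
               allowed_first_line_only(CONF, u[i]), allowed_all_lines(CONF, u[i]));
    return 0;
}
```

With the default-deny version, an empty or unreadable policy also results in refusal rather than full access.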
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c1
--- Comment #1 from Simon Lees
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c2
Matthias Gerstner
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c3
--- Comment #3 from Simon Lees
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c4
--- Comment #4 from Simon Lees
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c5
--- Comment #5 from Simon Lees
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c6
--- Comment #6 from Matthias Gerstner
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c7
--- Comment #7 from Matthias Gerstner
http://bugzilla.suse.com/show_bug.cgi?id=1170169#c8
Matthias Gerstner