[Bug 1140994] New: iputils: Add permissions for arping and clockdiff
http://bugzilla.suse.com/show_bug.cgi?id=1140994 Bug ID: 1140994 Summary: iputils: Add permissions for arping and clockdiff Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: petr.vorel@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Permissions should be the same as for ping: root:root 0755 +capabilities cap_net_raw=p PR solving this was prepared (fixing more than this bug): https://github.com/openSUSE/permissions/pull/24 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c1
Matthias Gerstner
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c2
Malte Kraus
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c3
--- Comment #3 from Petr Vorel
Do you have some added context on why these capabilities are necessary now? Have the tools only been available to root until now? A quick test seems to suggest just that. Yes.
Adding new privileges will need a code review, however. I'm changing this bug into an AUDIT bug and a member of the security team will look into it.
OK, I'll remove this from https://github.com/openSUSE/permissions/pull/24 and create new one for it. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c4
--- Comment #4 from Petr Vorel
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c5
Malte Kraus
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c6
Malte Kraus
http://bugzilla.suse.com/show_bug.cgi?id=1140994
http://bugzilla.suse.com/show_bug.cgi?id=1140994#c7
--- Comment #7 from Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com