[opensuse-security] Timezone and printer settings too restrictive by default
Hi there,

Linus vocally complained about this today at https://plus.google.com/u/0/102150693225130002912/posts/1vyfmNCYpi5 and I verified that running GNOME on openSUSE 12.1, all updates applied, I do need to provide the root password to change the timezone or add a printer.

That is a major usability issue for personas "Daniela" and "significant other", which means it has real life impact on both Linus and myself. :-)

Surprisingly enough, I did not find existing Bugzilla entries, but perhaps those were (incorrectly) closed earlier and I missed them therefore? In any case, I filed

https://bugzilla.novell.com/show_bug.cgi?id=749451
Adding a new printer via system-config-printer requires root password

https://bugzilla.novell.com/show_bug.cgi?id=749453
Changing the timezone via world clock requires root password

Any chance we can get these two resolved quickly?

Thanks!
Gerald

PS: If I may ask for one favor, let's stay focused on meeting our users' needs rather than flailing on flames (some aspects of which were just inappropriate).

--
Dr. Gerald Pfeifer <gp@suse.com> || SUSE || Director Product Management
Gerald Pfeifer wrote:
> Linus vocally complained about this today at https://plus.google.com/u/0/102150693225130002912/posts/1vyfmNCYpi5

I wonder when our beloved benevolent dictator finally grows up.

> and I verified that running GNOME on openSUSE 12.1, all updates applied, I do need to provide the root password to change the timezone

There are separate privileges for changing the time zone and adjusting the clock where the former was allowed by default. The GNOME applet nowadays doesn't distinguish between both actions though. Even allowing to change the system's timezone is a workaround though. No privilege transition or modification of system properties (i.e. /etc/localtime) would be needed if glibc offered a sane per-user setting.

> or add a printer.

Whether or not adding a printer requires the root password depends on your printer. If your printer is a known USB printer it's automatically set up when you connect it. No input needed at all then. Same for CUPS network printers. However, if you have a device that is not auto detected the user may have to enter things that could easily be used for privilege escalation to root or damage the system (like entering /dev/sda as device or specifying a PPD file that executes arbitrary code).

[...]
> Any chance we can get these two resolved quickly?

Short answer: No. Please hire someone to fix the underlying architectural problems if you want a fix rather than adding more mindless hacks. I'm convinced there are ways to make the system both secure and usable but not with the current tools.

cu
Ludwig

--
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
* Ludwig Nussel <ludwig.nussel@suse.de> [Feb 29. 2012 10:07]:
>> Any chance we can get these two resolved quickly?
>
> Short answer: No. Please hire someone to fix the underlying architectural problems if you want a fix rather than adding more mindless hacks. I'm convinced there are ways to make the system both secure and usable but not with the current tools.

Should be possible to create an option to change the package installation setup in such a way that you can select a source for user installation; it would require such a source to be created too of course, with all printer packages plus dependencies. This might be interesting for admins too, who would like to give their users the ability to install from a certain source tree without having root access.

--
Cheers,
Joost
Hello,

On Feb 28 23:53 Gerald Pfeifer wrote (excerpt):
> Linus vocally complained about this today at https://plus.google.com/u/0/102150693225130002912/posts/1vyfmNCYpi5

His tone is not acceptable so that I ignore what he spits out.

> https://bugzilla.novell.com/show_bug.cgi?id=749451 Adding a new printer via system-config-printer requires root password
> https://bugzilla.novell.com/show_bug.cgi?id=749453 Changing the timezone via world clock requires root password
> Any chance we can get these two resolved quickly?

https://bugzilla.novell.com/show_bug.cgi?id=749451 is no bug because it works as intended.

To change the intention how something works, bug reports are not appropriate. In such cases please file a FATE request.

And then you manager, please do manage it to get it actually done and not lost again in endless futile discussions as it happened all the time in the past with exactly the same issue.

I suggest to file a FATE request to have two kinds of security defaults out of the box:

- The "traditional" one e.g. for corporate environments where only a dedicated admin can change system settings. (It is questionable if e.g. the timezone is a system setting or only a user-level preference.)
- Another one for "single user systems" where one same person who installs the system is also its user.

I would be against a security default where any person who gets access to the system can change anything (i.e. where anybody could hijack an unattended computer).

Kind Regards
Johannes Meixner

--
SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany
HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer
participants (4): Gerald Pfeifer, Johannes Meixner, Joost van der Lugt, Ludwig Nussel