Mailinglist Archive: opensuse-bugs (8114 mails)

< Previous Next >
[Bug 247287] New: Listing of user privileges requires superuser privileges
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 21 Feb 2007 03:59:56 -0700 (MST)
  • Message-id: <bug-247287-21960@xxxxxxxxxxxxxxxxxxxxxxxxx/>
https://bugzilla.novell.com/show_bug.cgi?id=247287

Summary: Listing of user privileges requires superuser privileges
Product: SUSE Linux 10.1
Version: Final
Platform: All
OS/Version: SLES 10
Status: NEW
Severity: Enhancement
Priority: P5 - None
Component: Zenworks
AssignedTo: zlm-code10-bugs@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: peter.surda@xxxxxxxxxxxxxxxxxx
QAContact: sarifulla@xxxxxxxxxx


If you want to view current zmd users and their privileges (e.g. "rug
user-list"), it requires superuser privileges. Unfortunately, this does not fit
into my scenario.

Imagine that there is a user whose purpose is to perform security audits. This
user should be able to view settings, but not modify them. At the moment, the
aforementioned issue prevents this from being implemented properly.

I propose either a new privilege (labeled "readonly" or "security"), or
changing the "user-list" requirements to "view" (the former is probably more
secure).

PS. I can probably write the patch myself, but I am not sure how to rebuild the
novell-zmd RPM (it complains that it requires packages not existing in SLES10).


--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

< Previous Next >
This Thread
  • No further messages