Mailinglist Archive: opensuse-bugs (2746 mails)

< Previous Next >
[Bug 820354] Apper Installs Software Without Root Authority

Scott Couston <secure@xxxxxxxxxxx> changed:

What |Removed |Added
InfoProvider|secure@xxxxxxxxxxx |

--- Comment #5 from Scott Couston <secure@xxxxxxxxxxx> 2013-06-08 09:26:48 EST
(In reply to comment #4)
I would like to see some steps to reproduce on a freshly booted system. Leave
out all oppinions

I would need to give you log data to support this, however it is my firm belief
that the only requirements are for a fresh installation where the user login is
created to not be root...Just untick the default.

My logs here on 2 production PC's would have further value.
Please ask me for anyfiles you need but start with the above..default, non
automated, KDE, user not equal to root; type Installation.

It appears that there are 3 different system update programs running. Online
update in Yast, Apper, and an automatic program that I cannot even find.

Each have varying degrees of problems failing to update due to dependency
problems that cannot be resolved because I can go into Yast and run online
update and even force check dependency; and get replied that there is nothing
to resolve.

The other issue I have found is that a user account can make changes to system
times. I run a NTP config for public time servers in Yast and thats all I need
to have but on the desktop the attached screen-shot will show what is available
without authority
As for outright time change via the screen shot; it does call for authority
BUT time zone/calendar type/ you name it; cvan be changed without authority.

I feel that already there are too many accounts used to run services at the
moment.The system user 'smolt' has me disturbed whatever that account is
designed to do. I guess we all would like to see more kernel resident and
initiated services; but thats a pipe dream :-)

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >