Mailinglist Archive: opensuse-bugs (2150 mails)

< Previous Next >
[Bug 872276] AUDIT-0: libKF5Su5.x86_64: E: permissions-file-setuid-bit (Badness: 10000) /usr/lib64/kde5/libexec/kdesud is packaged with setuid/setgid bits (02755)

Sebastian Krahmer <krahmer@xxxxxxxx> changed:

What |Removed |Added
CC| |security-team@xxxxxxx
InfoProvider| |hrvoje.senjan@xxxxxxxxx

--- Comment #1 from Sebastian Krahmer <krahmer@xxxxxxxx> 2014-04-15 09:29:00
UTC ---
Should not be of much problem, as its only g+s nogroup:

chgrp nogroup '\${KDESUD_PATH}' && chmod g+s '\${KDESUD_PATH}'\"

The peer-id check of the socket still seems there when
pwd caching is used. Also see here:

However it needs to be enabled during build, e.g. there must be
a string of

"socket not owned by me! socket uid ="

inside the binary. Then everything should be fine.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >