Bug 479677
| Summary: | gnome-screensaver never propagates the environment to its helper dialog | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | ritz <rkhadgar> | ||||
| Component: | gnome-screensaver | Assignee: | Ray Strode [halfline] <rstrode> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | desktop-bugs <desktop-bugs> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 5.4 | CC: | tis, vbenes | ||||
| Target Milestone: | rc | Keywords: | Patch | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-07-05 22:25:02 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 743405, 807971 | ||||||
| Attachments: |
|
||||||
dev_ack+ patch is available This request was evaluated by Red Hat Product Management for inclusion, but this component is not scheduled to be updated in the current Red Hat Enterprise Linux release. If you would like this request to be reviewed for the next minor release, ask your support representative to set the next rhel-x.y flag to "?". This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release. Development Management has reviewed and declined this request. You may appeal this decision by reopening this request. |
Created attachment 328732 [details] patch based on upstream code Description of problem: "When a user attempts to unlock the screen, the gnome-screensaver session daemon spawns gnome-screensaver-dialog to authenticate the user. On systems where shadow passwords are in use, and on which PAM (which it is assumed can check passwords without elevated privileges), the dialog is setuid. For the sake of these cases, gnome-screensaver starts the dialog with only a handful of variables copied from the user's environment (PATH, SESSION_MANAGER, XAUTHORITY, XAUTHLOCALHOSTNAME, LANG, LANGUAGE). While this does nothing to prevent the user from doing the same thing and attempting to exploit any bugs which might be present in a setuid installation of gnome-screensaver-dialog, it also penalizes the non-setuid case by breaking themes and any other user-interface customizations which are specified through the environment." Additional info: