Bug 888083

Summary: Guest normal account can click and initiate a Fedora 18/19 software update without submitting to password security check.
Product: [Fedora] Fedora
Reporter: Leslie Satenstein <lsatenstein>
Component: up2date
Assignee: Adrian Likins <alikins>
Status: CLOSED CANTFIX
QA Contact: Beth Nackashi <bnackash>
Severity: unspecified
Docs Contact:
Priority: unspecified
Version: rawhide
CC: lsatenstein
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: System maintainer is responsible for all software versions and patch levels on his system. Consequence: Fix: Result:
Last Closed: 2015-02-13 21:54:29 UTC
Type: Bug

Description Leslie Satenstein 2012-12-18 00:15:29 UTC
Description of problem:

Normal user triggers and installs software updates with no password request.

Fedora 18 TC2 Release Candidate.

One account is with Administrator privileges
One account is with normal user privileges (title is guest)

The guest account user clicked on add/remove software, and then selected software update, which is in the menu for the former.

It resulted in the automatic search for and installation of updates.

Should any regular normal user be allowed to install updates without providing the administrator password, and without being a member of the wheel group?

This means that a normal user of Fedora 18 can trigger and install updates without root or administrator's consent.



Comment 1 Leslie Satenstein 2013-02-08 00:18:23 UTC
Fedora 18 DVD Jan 15th version

From a guest account I am able to start a software update.  

Only via an account with root privileges (root, or via sudo) should updates be permitted.

Here is the result of my test.

The guest account has normal (no administrator) privileges. There is no request for authorisation.

Start Add/remove software.

From the Software Menu icon, click on it and select Check for Updates.

The result is that the Linux system is updated.

Why this should not be.  

We may have some application, database, network, or business application that needs execution with the Linux system as it is.

By the non-authorized user, the updates were selected and applied, and with a kernel update, a reboot was required.  This reboot caused previous program(s) to fail.

Only via root privileges should an update be permitted.

Comment 2 Leslie Satenstein 2013-03-28 01:31:17 UTC
Is my guest account (non administrator) going to initiate updates without providing a password?

Comment 3 Leslie Satenstein 2013-04-09 00:37:47 UTC
Suppose I am running an application that requires a very specific version of installed software, and the normal user selects software update. My specific version of software may be overwritten, which means that other applications that will call the reserved version could fail.

We don't stand behind the user, watching what he does. He may trigger an update.

One option -- Require software updates to always require root privileges.
2nd option -- Provide a blocking option as within yum such as exclude=
3rd option -- Do not show software selection for a normal user account.


Implement or indicate if it is a do-not-fix or will be fixed, and fix it.

Comment 4 Leslie Satenstein 2013-04-09 01:07:24 UTC
This bug is a request to fix an insecurity problem.

Comment 5 Leslie Satenstein 2013-05-06 20:28:30 UTC
A standard user should not be allowed to trigger software updates. Refer to comment 3 above.

Comment 6 Leslie Satenstein 2015-02-13 21:54:29 UTC
If guest user issues sudo, and is not in wheel group, user is blocked.