Red Hat Bugzilla – Bug 112419
root privileges remain after logout and reboot
Last modified: 2007-11-30 17:10:34 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5)
Description of problem:
pam_timestamp should "flush" root privileges on logout.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Log into KDE and start any app linked to userhelper
2. Log out
3. Log in again
Actual Results: The program is restored without passwort. Any other
app that requires root access can bee used, too.
Expected Results: Passwords should be forgotten on logout and the
password dialog should appear before a programm with root privileges
can be started/restored.
Even happens after a reboot!
The easiest solution is probably to save login time of the current tty
to the timestamp file and check if it's the same when reusing the
*** Bug 132112 has been marked as a duplicate of this bug. ***
I have fix for this. Actually it's not necessary to save the login
time. It's enough to test if the oldest login time of the user is
older than the timestamp to allow access.
*** Bug 111932 has been marked as a duplicate of this bug. ***