Bug 163914 - XDM gives administrator authorization immeditely after login
Summary: XDM gives administrator authorization immeditely after login
Status: CLOSED WORKSFORME
Alias: None
Product: Fedora
Classification: Fedora
Component: usermode   
(Show other bugs)
Version: 4
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jindrich Novy
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-07-21 22:00 UTC by Allan Engelhardt
Modified: 2013-07-02 23:08 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-10-10 16:21:12 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Allan Engelhardt 2005-07-21 22:00:23 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.7.8-2

Description of problem:
When I login with a standard account using the "Graphical Greeter" I have immediate access to the root commands from the menu (e.g. Gnome start button->Desktop->System Settings->Root Password) without entering the root password.

The 'Shield icon' also appears in the panel (eventually, after Nautilus starts).

I am not sure if this has always happened after I installed FC4, or only after my last logout with the 'save session' option checked, where I _might_ have had the root authorization.

Version-Release number of selected component (if applicable):
xinitrc-4.0.18-1

How reproducible:
Always

Steps to Reproduce:
1. Logout
2. Press CTRL+ALT+Backspace just to be sure
3. Login
4. Hit Gnome start button->Desktop->System Settings->Root Password
  

Actual Results:  The Root Password application started

Expected Results:  It should have said:

You are attempting to run "system-config-rootpassword" which requires administrative privileges, but more information is needed in order to do so.

and asked for the root password

Additional info:

This is not specific to the Root Password application.
Comment 1 Allan Engelhardt 2005-07-21 22:09:24 UTC 
I did some more testing: it is the 'save settings' that also saves the root
access status.  I am pretty sure that is not the desired behavior.

1. Wait for the 'shield' to go away in the Panel.
2. Logout with 'save settings'
3. Log back in.

Now the privileged applications prompt for password, as expected.

4. Enter the root password to gain access to one of the applications.
5. Logout with 'save settings'

and you are back as above: you have full root access from the moment you log in.
Comment 2 Mike A. Harris 2005-08-30 13:44:47 UTC 
I don't see the connection between the reported problem and the
xinitrc package, so I'm assuming this was misfiled against the
incorrect component.

I'm not sure what the correct component is, so I'll take a stab at
it...   reassigning to "usermode", which I think handles the
root priv stuff.  Please reassign to the more appropriate
component if that's not correct.
Comment 3 Jindrich Novy 2005-10-10 12:24:11 UTC 
I'm unable to reproduce it. I don't have root privileges even if I was a former
root. It looks like a race condition with pam_panel_icon what requires that you
login as root, log out and quickly login as an unprivileged user. Does it
happens when you wait a while (say 1min between the logins)?
Comment 4 Allan Engelhardt 2005-10-10 16:21:12 UTC 
Jindrich,

I can not reproduce this on a up-to-date FC4 installation.  I don't know what
changed the behavior, but it is OK now.

Changed to WORKSFORME.
Note You need to log in before you can comment on or make changes to this bug.