Bug 166806 - root password required to change display resolution
root password required to change display resolution
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: redhat-config-xfree86 (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Søren Sandmann Pedersen
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-25 18:18 EDT by David Meleedy
Modified: 2014-06-18 05:07 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-07 04:56:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Meleedy 2005-08-25 18:18:19 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.7.8) Gecko/20050512 Firefox/1.0.4

Description of problem:
In an Enterprise environment, it is not a good idea to supply root passwords
to every user in the company.  Also, it is taking up too much time for
admins to go around and fix every little request for display resolution
changes (we have hundreds of clients)

Therefore I would suggest adding a policy file for redhat-config-xfree86
that admins can set up an option (maybe in /etc/sysconfig) that either
prompts for a root password or doesn't when people run this program.

That way if some companies want a root password to be asked for every time,
they can have that behavior, and if they don't want the root password to be
asked for, they can have that behavior as well.

In order for this to work, I am assuming you would have to
change the configuration program to be setuid root so that you could modify
the /etc/X11/XFree86 file as a non-root user even though it is a root
owened file.

This change request is not only for Redhat Enterprise 3, but 4, and Fedora
as well.

Version-Release number of selected component (if applicable):
redhat-config-xfree86-0.7.7-1

How reproducible:
Always

Steps to Reproduce:
1. Try to change display resolution as non-root user with redhat-config-xfree86

Actual Results:  Root password prompted for.

Expected Results:  Display resolution would be changed without having to be root.

Additional info:
Comment 1 Mike A. Harris 2006-03-07 04:56:38 EST
system-config-display modifies the X server config file directly.  This is
something that mandatorily requires root priveledges to run.  Granting this
permission to all users, or any other users would give priveledge escalation
to those users, as it is possible to modify the X server configuration to
gain additional priveledges.

You can change the root window size using the xrandr utility as a non-root
user, or by using the display properties tab.  If you have users which you
trust to run the X config utility, you can use "sudo" to provide limited
non-root access to the command.

In a future upstream X.Org X release, more and more global X server settings
which are currently globally stored in xorg.conf are going to become per-user
and stored in a per-user location.  For the time being however, the
X server configuration utilities are root-only.

Closing request "WONTFIX" as implementing this would be a serious security
hole in the OS.


Note You need to log in before you can comment on or make changes to this bug.