17238 – Linuxconf breaks security when used to assign privileges

Bug 17238 - Linuxconf breaks security when used to assign privileges

Summary: Linuxconf breaks security when used to assign privileges

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	linuxconf
Sub Component:
Version:	6.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-09-04 17:36 UTC by Need Real Name
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-02-21 18:47:45 UTC
Embargoed:

Attachments	(Terms of Use)

Description Need Real Name 2000-09-04 17:36:32 UTC

When linuxconf is used to change user privileges (say to allow one specific user to shutdown the system), it breaks the security.  After making 
the change ALL users are then allowed to shutdown the system.  This is after all the latest patches for PAM, usermode, etc. have been 
applied.

Comment 1 Brent Fox 2002-06-05 16:12:02 UTC

Closing because we don't ship linuxconf anymore

Comment 2 Red Hat Bugzilla 2006-02-21 18:47:45 UTC

Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.