Bug 182352 - HAL allows non-privileged console user to circumvent system policy
HAL allows non-privileged console user to circumvent system policy
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: hal (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: John (J5) Palmieri
: Security
Depends On:
Blocks: FC5Blocker
  Show dependency treegraph
 
Reported: 2006-02-21 18:13 EST by David Zeuthen
Modified: 2013-03-13 00:49 EDT (History)
2 users (show)

See Also:
Fixed In Version: 0.5.7-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-24 20:56:15 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description David Zeuthen 2006-02-21 18:13:05 EST
Description of problem:

HAL allows non-privileged console user to circumvent system policy by allowing
mounting of devices that the administrator put in /etc/fstab

Expected results:

HAL should refuse Mount() methods on devices specifically listed in /etc/fstab.

Additional info:

I've got a fix for this in HAL CVS. As I'm the upstream developer I also urge
upgrading to a new release for FC5Final rather soon as other important (though
not security critical) bugs have been fixed. I will do a hal 0.5.7 release later
this week.

I am marking this as a FC5 blocker bug.

Note You need to log in before you can comment on or make changes to this bug.