Bug 5648 - kppp allows any user to change global settings
Summary: kppp allows any user to change global settings
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kdenetwork
Version: 6.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Preston Brown
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-10-06 17:56 UTC by tango
Modified: 2008-05-01 15:37 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2000-01-17 18:39:11 UTC


Attachments (Terms of Use)

Description tango 1999-10-06 17:56:39 UTC
kppp is actually a soft link: /usr/bin/kppp -> consolehelper
Consolehelper asks for root password and then executes
/sbin/kppp with root privileges. The problem is that, with
this security method, when you modify your kppp
configuration, you're NOT modifying
$HOME/.kde/share/config/kppprc but
/root/.kde/share/config/kppprc and this file is overwritten
by *any* user with his/her own configuration.

Comment 1 Preston Brown 2000-01-17 18:39:59 UTC
fixed for next release.


Note You need to log in before you can comment on or make changes to this bug.