Bug 625913 - changing system time could cause credentials expiration
Summary: changing system time could cause credentials expiration
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: polkit (Show other bugs)
(Show other bugs)
Version: 6.1
Hardware: All Linux
Target Milestone: rc
: ---
Assignee: Miloslav Trmač
QA Contact: BaseOS QE Security Team
Depends On:
Blocks: 662543
TreeView+ depends on / blocked
Reported: 2010-08-20 19:21 UTC by Tomas Pelka
Modified: 2014-04-03 14:36 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-04-03 14:36:00 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
FreeDesktop.org 29712 None None None Never

Description Tomas Pelka 2010-08-20 19:21:23 UTC
Description of problem:
Changing system time through clock-applet could cause credentials expiration, which means the credentials are always remembered like 5 minutes or so but in this case not.
Make sence when I change time forwards, but wondering what will happen when I change time backwards. Will credentials also extend its expiration time?   

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Right-client clock applet
2. Select 'Time Settings'
3. Adjust time and select 'Set System Time...'
4. Enter root password as prompted by polkit
5. Repeat steps 2.-4. several times, setting the clock both forward and backward.

Actual results:
Polkit do not remember crendentials when we change system time. 

Expected results:
If possible polkit should be time independent, in this special case.

Additional info:

Comment 3 RHEL Product and Program Management 2011-01-07 15:57:41 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support

Comment 6 Siddharth Nagar 2014-04-03 14:36:00 UTC
This will be resolved in the next major version of RHEL (RHEL 7). The patch to correctly fix this is too intrusive for RHEL 6.

Note You need to log in before you can comment on or make changes to this bug.