Devuan bug report logs -
#268
policykit-1: CVE-2018-19788
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Acknowledgement sent to KatolaZ <katolaz@freaknet.org>
:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org
.
(full text, mbox, link).
Message #17 received at 268@bugs.devuan.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
There is no need to become root in order to use `service`:
$ /usr/sbin/service nginx status
[ ok ] nginx is running.
$
Even with a user with id larger than 4000000000:
$ sudo -u testpolkit /usr/sbin/service nginx stop
[....] Stopping nginx: nginxstart-stop-daemon: warning: failed to kill 2509: Operation not permitted
. ok
$
That's because sudo does *not* use policykit to test user privileges
(rather, it uses its own config files). So maybe this is not
applicable in this case?
HND
KatolaZ
[signature.asc (application/pgp-signature, inline)]
Merged 268 269.
Request was from KatolaZ <katolaz@freaknet.org>
to control@bugs.devuan.org
.
(full text, mbox, link).
Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org
:
bug#268
; Package policykit-1
.
(full text, mbox, link).
Acknowledgement sent to KatolaZ <katolaz@freaknet.org>
:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org
.
(full text, mbox, link).
Reply sent to KatolaZ <katolaz@freaknet.org>
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Berbe <bernard+devuan@rosset.net>
:
bug acknowledged by developer.
(full text, mbox, link).
Message #29 received at 269-done@bugs.devuan.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
This has been solved in policykit-0.105-25+devuan1, available in
beowulf and ceres. Closing.
[signature.asc (application/pgp-signature, inline)]
Send a report that this bug log contains spam.