Devuan bug report logs - #268
policykit-1: CVE-2018-19788

Package: policykit-1; Maintainer for policykit-1 is Devuan Dev Team <devuan-dev@lists.dyne.org>;

Reported by: Berbe <bernard+devuan@rosset.net>

Date: Fri, 7 Dec 2018 17:48:01 UTC

Severity: critical

Merged with 269

Done: KatolaZ <katolaz@freaknet.org>


Subject: bug#268: mmhhh
Date: Sat, 8 Dec 2018 10:17:18 +0100
From: KatolaZ <katolaz@freaknet.org>
To: 268@bugs.devuan.org
Message-ID: <20181208091718.je273iuhnkih7wux@katolaz.homeunix.net>
There is no need to become root in order to use `service`:

$ /usr/sbin/service nginx status
[ ok ] nginx is running.
$

Even with a user with id larger than 4000000000:

$ sudo -u testpolkit /usr/sbin/service nginx stop
[....] Stopping nginx: nginxstart-stop-daemon: warning: failed to kill 2509: Operation not permitted
. ok
$

That's because sudo does *not* use policykit to test user privileges
(rather, it uses its own config files). So maybe this is not
applicable in this case?

HND

KatolaZ
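
An added example, not part of the message above or of the Devuan BTS: a small audit that lists local accounts whose UID falls in the range CVE-2018-19788 concerns. The INT_MAX threshold comes from the CVE description rather than from this page, and the function names and sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example: list accounts whose UID is above INT_MAX (2147483647),
# the UID range named in the CVE-2018-19788 description (assumption: the
# threshold is taken from that description, it is not stated on this page).

INT_MAX=2147483647

# Read passwd-format lines on stdin and print "name uid" for every entry
# whose UID field is a plain decimal number greater than INT_MAX.
high_uid_accounts() {
    awk -F: -v max="$INT_MAX" '
        /^#/ || NF < 7       { next }   # skip comments and malformed lines
        $3 !~ /^[0-9]+$/     { next }   # skip non-numeric UID fields
        ($3 + 0) > (max + 0) { print $1, $3 }
    '
}

# Constructed sample input (not taken from any real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
edge:x:2147483647:1000::/home/edge:/bin/sh
testpolkit:x:4000000001:1000::/home/testpolkit:/bin/sh
broken:x:notanumber:1000::/home/broken:/bin/sh
EOF
}

# Demo on the constructed sample. On a live system, feed it the real
# account database instead:  getent passwd | high_uid_accounts
sample_passwd | high_uid_accounts
```

An empty result means no account is in the affected UID range; it says nothing about whether the installed policykit-1 package is patched.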



Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Mon May 25 20:33:49 2020;