Devuan bug report logs - #268
policykit-1: CVE-2018-19788

Package: policykit-1; Severity: critical; Reported by: Berbe <bernard+devuan@rosset.net>; merged with #269; Done: KatolaZ <katolaz@freaknet.org>; Maintainer for policykit-1 is (unknown).


Message received at 269-done@bugs.devuan.org:


Received: (at 269-done) by bugs.devuan.org; 27 Feb 2019 10:40:08 +0000
Date: Wed, 27 Feb 2019 11:39:41 +0100
From: KatolaZ <katolaz@freaknet.org>
To: 269-done@bugs.devuan.org
Subject: solved in beowulf


--vcy6cimoko4p6jrk
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

This has been solved in policykit-0.105-25+devuan1, available in
beowulf and ceres. Closing.


--vcy6cimoko4p6jrk
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQSOWdaqRF79tKFTPVpfILOuC18GLwUCXHZo7QAKCRBfILOuC18G
L4pkAJ9woTAlntVgxQ7dm4xlGv8/2OVHKwCeLCLHNeynWA/LJjVKmHMGnSnU7Gs=
=yH5+
-----END PGP SIGNATURE-----

--vcy6cimoko4p6jrk--


Notification sent to Berbe <bernard+devuan@rosset.net>:
bug acknowledged by developer. Full text available.


Reply sent to KatolaZ <katolaz@freaknet.org>:
You have taken responsibility. Full text available.


Message received at 268@bugs.devuan.org:


Received: (at 268) by bugs.devuan.org; 8 Dec 2018 09:54:00 +0000
Date: Sat, 8 Dec 2018 10:17:18 +0100
From: KatolaZ <katolaz@freaknet.org>
To: 268@bugs.devuan.org
Subject: mmhhh


--inqsdvv7znhsuzot
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

There is no need to become root in order to use `service`:

$ /usr/sbin/service nginx status
[ ok ] nginx is running.
$

Even with a user with id larger than 4000000000:

$ sudo -u testpolkit /usr/sbin/service nginx stop
[....] Stopping nginx: nginxstart-stop-daemon: warning: failed to kill 2509: Operation not permitted
. ok
$

That's because sudo does *not* use policykit to test user privileges
(rather, it uses its own config files). So maybe this is not
applicable in this case?

HND

KatolaZ



--inqsdvv7znhsuzot
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQSOWdaqRF79tKFTPVpfILOuC18GLwUCXAuMHAAKCRBfILOuC18G
Lx6cAJwN3gJXo8n6wnxhlHv/kMTu9wydlwCfZTgjMrHT62Ebg1inz4UdLcVfFhA=
=6Ri0
-----END PGP SIGNATURE-----

--inqsdvv7znhsuzot--


Acknowledgement sent to KatolaZ <katolaz@freaknet.org>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Merged 268 269. Request was from KatolaZ <katolaz@freaknet.org> to control@bugs.devuan.org. Full text available.


Message received at 268@bugs.devuan.org:


Received: (at 268) by bugs.devuan.org; 8 Dec 2018 09:15:50 +0000
Date: Sat, 8 Dec 2018 10:17:18 +0100
From: KatolaZ <katolaz@freaknet.org>
To: 268@bugs.devuan.org
Subject: mmhhh


--inqsdvv7znhsuzot
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

There is no need to become root in order to use `service`:

$ /usr/sbin/service nginx status
[ ok ] nginx is running.
$

Even with a user with id larger than 4000000000:

$ sudo -u testpolkit /usr/sbin/service nginx stop
[....] Stopping nginx: nginxstart-stop-daemon: warning: failed to kill 2509: Operation not permitted
. ok
$

That's because sudo does *not* use policykit to test user privileges
(rather, it uses its own config files). So maybe this is not
applicable in this case?

HND

KatolaZ



--inqsdvv7znhsuzot
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQSOWdaqRF79tKFTPVpfILOuC18GLwUCXAuMHAAKCRBfILOuC18G
Lx6cAJwN3gJXo8n6wnxhlHv/kMTu9wydlwCfZTgjMrHT62Ebg1inz4UdLcVfFhA=
=6Ri0
-----END PGP SIGNATURE-----

--inqsdvv7znhsuzot--


Acknowledgement sent to KatolaZ <katolaz@freaknet.org>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#268; Package policykit-1. Full text available.


Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Mon, 27 May 2019 10:39:01 UTC