SU vulnerability
Rahul Sundaram
sundaram at redhat.com
Fri Dec 9 14:02:36 UTC 2005
Sergey wrote:
>I do realise that, however setting "wheel group" security option
>to /etc/pam.d/su has always been considered enough. For years. Until the
>USERMODE port, supposed to make the authentication process EASIER, has made
>the whole system vulnerable.
>
>Why should I know that system-config-users has opened a security hole?
>
If you restrict only su to using the wheel group using pam none of the
other programs which perform authentication is affected which includes
system-config-users. If you want 'wheel' group support against other
such programs feel free to file a request for enhancement against the
particular packages preferably with patches.
regards
Rahul
More information about the fedora-list
mailing list