Re: Security hole in LXDE?

To: debian-user@lists.debian.org
Subject: Re: Security hole in LXDE?
From: Davor Balder <davor@cropakglobal.com>
Date: Mon, 27 Feb 2017 21:00:15 +1100
Message-id: <[🔎] 44c6d110-2214-7226-4a8d-38e940d99613@cropakglobal.com>
In-reply-to: <[🔎] 7419461.KfDLPVJcsL@protheus1>
References: <[🔎] 7419461.KfDLPVJcsL@protheus1>

Hi Hans,

Question 1 which one: stable, testing or unstable?

Generally (to aid in your investigation):

1.) It may be a good idea just to recheck your sudo settings first
(/etc/sudoers).

(relevant uncommented setting on this system:

##
## User privilege specification
##
root ALL=(ALL) ALL

2.) The other thing would be to check your regular user's group settings
(group memberships).

For example (on this system):

[davor@lucifer ~]$ groups davor
wheel plugdev users

Other than that, ensure you are not running as root (or sudo), ensure
you are updated, reboot and try again as regular user. LXDE is very
mature, this is unlikely to happen.

Cheers

D

On 27/02/17 20:19, Hans wrote:
> Hi folks,
>
> on my system /debian-amd64/testing) I can start Synaptic as a normal user, 
> just by using the user password. In KDE this is not possible, there I need the 
> root password.
>
> I do not have sudo in use.
>
> As I do not know, if this is a problem on my system (I have no second one to 
> confirm this)., maybe please someone else could check this.
>
> If I am correct, this is a security hole. If I am wrong, I have to recheck my 
> system.
>
> Thank you for your help.
>
> Best
>
> Hans
>

Reply to:

Follow-Ups:
- Re: Security hole in LXDE?
  - From: Hans <hans.ullrich@loop.de>

References:
- Security hole in LXDE?
  - From: Hans <hans.ullrich@loop.de>

Prev by Date: Re: Swift lang in Debian?
Next by Date: Re: Security hole in LXDE?
Previous by thread: Re: Security hole in LXDE?
Next by thread: Re: Security hole in LXDE?
Index(es):
- Date
- Thread