Re: Security hole in LXDE?
> Check how synaptic is being started by the menu entry. Typically,
> synaptic will be started by /usr/bin/synaptic-pkexec, which uses
> policykit to authorise an effective su for a normal user. The executable
> synaptic is in /usr/sbin, so will probably not work from a menu.
Yes, it is as you said. There is /usr/bin/synaptic-pkexec
and /usr/sbin/synatic
>
> I've changed the launcher to gksudo synaptic, which gives me explicit
> fine control with sudoers.
>
As I said: I do NOT use sudoers, and there is no entry or the user /etc/
sudoers.
> I suspect what you're seeing is as intended.
If so, then why not working so in KDE? And if this is intended, then this is a
bug and a security hole, which should be fixed.
Hans
Reply to: