Bugzilla – Full Text Bug Listing
| Summary: | AUDIT-0: NetworkManager: polkit-unauthorized-privilege | | |
|---|---|---|---|
| Product: | [openSUSE] openSUSE 12.1 | Reporter: | Dominique Leuenberger <dimstar> |
| Component: | Security | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | | |
| Priority: | P5 - None | CC: | bruno, dutchkind, holler, krahmer, melchiaros, vuntz |
| Version: | Factory | | |
| Target Milestone: | --- | | |
| Hardware: | Other | | |
| OS: | Other | | |
| Whiteboard: | | | |
| Found By: | --- | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |
Description
Dominique Leuenberger
2011-03-16 12:59:48 UTC
we should take a look but I'll add the privileges already so you can build your package without rpmlintrc

Thank you very much Ludwig. for reference: the package is currently in home:dimstar:branches:GNOME:Factory > NetworkManager (in preparation of the entire NM stack)

There's also a suse-dbus-unauthorized-service error, I guess, since it got added to rpmlintrc for now.

Ludwig: I see polkit-default-privs has been updated for the comment 0.

However, I still have this one which was missing in the report:
NetworkManager.i586: I: polkit-unauthorized-privilege (Badness: 10000)
org.freedesktop.NetworkManager.settings.modify.hostname

Also, this polkit-default-privs sounds wrong:

org.freedesktop.NetworkManager.settings.modify.own auth_admin

This means that I have to enter the root password to modify my own connections (not the system-wide ones). Do you want me to file a new bug for that?

(In reply to comment #4)
> Ludwig: I see polkit-default-privs has been updated for the comment 0.
>
> However, I still have this one which was missing in the report:
> NetworkManager.i586: I: polkit-unauthorized-privilege (Badness: 10000)
> org.freedesktop.NetworkManager.settings.modify.hostname

Ok, will add.

> Also, this polkit-default-privs sounds wrong:
>
> org.freedesktop.NetworkManager.settings.modify.own auth_admin
>
> This means that I have to enter the root password to modify my own connections
> (not the system-wide ones). Do you want me to file a new bug for that?

I thought NM 0.9 now finally makes all connections system connections? Anyways, setting something to 'yes' should get a security review first.

(In reply to comment #5)
> (In reply to comment #4)
> > Also, this polkit-default-privs sounds wrong:
> >
> > org.freedesktop.NetworkManager.settings.modify.own auth_admin
> >
> > This means that I have to enter the root password to modify my own connections
> > (not the system-wide ones). Do you want me to file a new bug for that?
>
> I thought NM 0.9 now finally makes all connections system
> connections?

By default, yes. But I think this is wrong and I'm trying to get this changed upstream, see https://bugzilla.gnome.org/show_bug.cgi?id=646187#c12 (an example where this is wrong is the Novell wireless network, which uses the authentication data is really per-user, and it's wrong to create a system-wide connection for that).

> Anyways, setting something to 'yes' should get a security review first.

Nod, makes sense. Are you happy to keep this in this bug?

(In reply to comment #6)
> (In reply to comment #5)
> > (In reply to comment #4)
> > > Also, this polkit-default-privs sounds wrong:
> > >
> > > org.freedesktop.NetworkManager.settings.modify.own auth_admin
> > >
> > > This means that I have to enter the root password to modify my own connections
> > > (not the system-wide ones). Do you want me to file a new bug for that?
> >
> > I thought NM 0.9 now finally makes all connections system
> > connections?
>
> By default, yes. But I think this is wrong and I'm trying to get this changed
> upstream, see https://bugzilla.gnome.org/show_bug.cgi?id=646187#c12 (an example
> where this is wrong is the Novell wireless network, which uses the
> authentication data is really per-user, and it's wrong to create a system-wide
> connection for that).

Ugh. Not so fast please :-) per-user connections do not actually exist. That is something NM made up for years. Network connections, nameserver settings, routing tables etc are all system wide. I'm glad to see those broken user connections gone. I agree that storing the credentials alongside the connection settings in plaintext in e.g. /etc/ might not be a good idea in every case though. I'd expect NM to simply prompt the user who activated the connection for missing credentials then. That's how smpppd works for example.

> > Anyways, setting something to 'yes' should get a security review first.
>
> Nod, makes sense. Are you happy to keep this in this bug?

Sure.

This is an autogenerated message for OBS integration:
This bug (680140) was mentioned in
https://build.opensuse.org/request/show/69227 Factory / polkit-default-privs

About org.freedesktop.NetworkManager.settings.modify.own: the only thing I can tell is that every time I want to connect to wifi/vpn with a password, I have to enter the root password. So that's really something that won't work in a released version.

+1 for C9

What we will propose to admins, that will never give root password of a computer.

It's even worse with KDE (see https://bugzilla.novell.com/show_bug.cgi?id=691273)

Yes, there is a functional network, but with ethernet only! So, a white cross with a red background is a cosmetic symptom when you are wired, but no chance with plasmoid-networkmanagement and wireless connections since plasmoid-networkmanagement has no fallback to give root password.

For the time being I can live with nm-applet. But please review polkit, dbus or whatever to give us back seamless wireless connections.

Marking https://bugzilla.novell.com/show_bug.cgi?id=691273 as duplicate.

*** Bug 691273 has been marked as a duplicate of this bug. ***

So I finally got a laptop I could install current Factory on. I tried connecting to a WPA2 enterprise network. The implementation looks rather broken/buggy. NM seems to require PK authentication for the wrong action and presents the wrong dialogs. When a system connection is created with the option to always prompt for the password I would not expect requiring root authentication from the user to actually enter it. Also, presenting the full connection edit dialog instead of just a password prompt is rather confusing. This needs to be fixed in NM and has nothing to do with the default privilege setting.

I run into the same problem, needing the root password when trying to connect wifi. Worked around that by creating polkit rules, that fixed it for me, but networkmanager won't connect automatically, I need to connect manually to a wifi network, whereas this used to work without any problem on previous opensuse releases.

I've filed bug 713639 now to track the unneeded authentication requests.

Just a little comment, I read the page from the link of comment 6. I use an encrypted home which gives me the possibility to use kwallet without password and know the wpa passwords of all the places I visit, both private and work related places. Reading that wpa passwords will possibly be stored unencrypted in /etc worries me because I want those passwords safe in case my laptop ever gets stolen. For me the only acceptable place is in some wallet, and the way it used to work with knetworkmanager and kwallet worked fine for me. Now I have to give a root password to create a new connection, for me a nuisance, for my wife on her laptop impossible because she doesn't know the root password. Please take these things into consideration with the next versions of opensuse!

As per audit-team discussion, we are closing this old issue as solved. If there are newer versions to check with, please open a new bug for it.
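
Added illustration, not part of the bug report and not openSUSE's rpmlint or polkit-default-privs code: a small audit in the spirit of the polkit-unauthorized-privilege check discussed in this thread. It compares the action ids a package ships with a reviewed whitelist and flags any whitelist entry that grants 'yes'. The policy XML, the whitelist layout, the `org.example.demo.refresh` entry and the finding names are assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a packaged polkit .policy file (values are illustrative).
POLICY_XML = """<policyconfig>
 <action id="org.freedesktop.NetworkManager.settings.modify.own">
  <defaults><allow_any>auth_self</allow_any><allow_inactive>yes</allow_inactive>
   <allow_active>yes</allow_active></defaults></action>
 <action id="org.freedesktop.NetworkManager.settings.modify.hostname">
  <defaults><allow_any>auth_admin</allow_any><allow_inactive>auth_admin</allow_inactive>
   <allow_active>auth_admin</allow_active></defaults></action>
</policyconfig>"""

# Constructed whitelist in an assumed "<action id> <setting>" layout, where the
# setting is one value or any:inactive:active.
DEFAULT_PRIVS = """\
# reviewed entries
org.freedesktop.NetworkManager.settings.modify.own  auth_admin
org.example.demo.refresh  auth_admin:auth_admin:yes
"""

KEYS = ("allow_any", "allow_inactive", "allow_active")

def parse_privs(text):
    """Return {action id: (any, inactive, active)} from whitelist text."""
    privs = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        action, setting = line.split(None, 1)
        parts = setting.strip().split(":")
        if len(parts) == 1:
            parts = parts * 3          # a single value applies to all three
        if len(parts) != 3:
            raise ValueError(f"malformed setting for {action}: {setting!r}")
        privs[action] = tuple(parts)
    return privs

def audit(policy_xml, privs_text):
    """List (action id, finding) pairs a reviewer should look at."""
    privs, findings = parse_privs(privs_text), []
    for action in ET.fromstring(policy_xml).iter("action"):
        aid = action.get("id")
        # A missing allow_* element is treated as "no" here (assumption).
        shipped = tuple(action.findtext(f"defaults/{k}", "no").strip() for k in KEYS)
        if aid not in privs:
            findings.append((aid, "not-whitelisted"))
        elif shipped != privs[aid]:
            findings.append((aid, "whitelist-overrides-package-defaults"))
    # Any whitelist entry granting "yes" is flagged for security review.
    findings += [(a, "grants-yes") for a, p in sorted(privs.items()) if "yes" in p]
    return findings
```
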