Security issue with disks-admin
Dennis Kaarsemaker
dennis at kaarsemaker.net
Thu Oct 6 16:47:07 CDT 2005
On Thu, 2005-10-06 at 14:09 -0700, Matt Zimmerman wrote:
> On Thu, Oct 06, 2005 at 09:58:13PM +0200, Dennis Kaarsemaker wrote:
> > The issue has been raised before in bugzilla and on this list: One can
> > launch nautilus/totem/gnome-cd from disks-admin. These programs will
> > then run as root which is against the Ubuntu policy. Attached debdiff is
> > a complete patch that uses "su -c $SUDO_USER" to launch the actual
> > applications.
>
> This isn't a security issue, only a safety issue, and a small one in my
> opinion. The only risk is that the user makes destructive changes to the
> filesystem, which they are normally protected from by lack of privilege.
>
> I don't consider this a high priority for 5.10, but if we're going to
> squeeze in a fix, it needs to be the simplest possible one (in this case,
> disabling the button entirely). Since there are plenty of other, more
> obvious ways to browse filesystems, this is a very low-impact change.
I tend to disagree with that last statement. Especially new users who
are trying to mount their Windows partitions will find this button the
easiest one to browse these partitions.
--
Dennis K.
- Linux for human beings: http://www.ubuntulinux.org
- Linux voor normale mensen: http://www.ubuntulinux.nl