From nobody@FreeBSD.org Thu Jan 17 04:50:10 2002 Return-Path: Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id C7D5F37B400 for ; Thu, 17 Jan 2002 04:50:09 -0800 (PST) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g0HCo9k33821; Thu, 17 Jan 2002 04:50:09 -0800 (PST) (envelope-from nobody) Message-Id: <200201171250.g0HCo9k33821@freefall.freebsd.org> Date: Thu, 17 Jan 2002 04:50:09 -0800 (PST) From: Dylan Carlson To: freebsd-gnats-submit@FreeBSD.org Subject: KDE 2.2 'kcheckpass' package install needs to be suid root X-Send-Pr-Version: www-1.0 >Number: 33988 >Category: ports >Synopsis: KDE 2.2 'kcheckpass' package install needs to be suid root >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 17 05:00:02 PST 2002 >Closed-Date: Thu Jan 17 14:36:44 PST 2002 >Last-Modified: Thu Jan 17 14:37:27 PST 2002 >Originator: Dylan Carlson >Release: 4.4-current >Organization: >Environment: >Description: Screen lock / screensaver password under KDE 2.2 does not work by default for non-root users. What I mean by this is, if a user locks his display, he can't unlock it. >How-To-Repeat: Install 4.4-RELEASE and KDE 2.2 from packages on the install image. >Fix: I had to make this suid root for it to work, however I don't know that this is correct security-wise. >Release-Note: >Audit-Trail: From: Alan E To: Dylan Carlson , freebsd-gnats-submit@FreeBSD.ORG Cc: Subject: Re: ports/33988: KDE 2.2 'kcheckpass' package install needs to be suid root Date: Thu, 17 Jan 2002 08:15:25 -0500 On Thursday 17 January 2002 07:50, Dylan Carlson wrote: > >Number: 33988 > >Category: ports > >Synopsis: KDE 2.2 'kcheckpass' package install needs to be suid root > >Confidential: no > > >How-To-Repeat: > > Install 4.4-RELEASE and KDE 2.2 from packages on the install image. > 4.4-R has KDE 2.2.1. Current version is KDE 2.2.2. Problem does not exist in 2.2.2 packages. This PR can be closed. -- Alan Eldridge State-Changed-From-To: open->closed State-Changed-By: pat State-Changed-When: Thu Jan 17 14:36:44 PST 2002 State-Changed-Why: Update your ports collection and install kde 2.2.2 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=33988 >Unformatted: