Web lists-archives.com

Re: Security hole in LXDE?




Hi Hans,

Question 1 which one: stable, testing or unstable?

Generally (to aid in your investigation):

1.) It may be a good idea just to recheck your sudo settings first
(/etc/sudoers).

(relevant uncommented setting on this system:


##
## User privilege specification
##
root ALL=(ALL) ALL

2.) The other thing would be to check your regular user's group settings
(group memberships).

For example (on this system):

[davor@lucifer ~]$ groups davor
wheel plugdev users

Other than that, ensure you are not running as root (or sudo), ensure
you are updated, reboot and try again as regular user. LXDE is very
mature, this is unlikely to happen.


Cheers


D

On 27/02/17 20:19, Hans wrote:
> Hi folks,
>
> on my system /debian-amd64/testing) I can start Synaptic as a normal user, 
> just by using the user password. In KDE this is not possible, there I need the 
> root password.
>
> I do not have sudo in use.
>
> As I do not know, if this is a problem on my system (I have no second one to 
> confirm this)., maybe please someone else could check this.
>
> If I am correct, this is a security hole. If I am wrong, I have to recheck my 
> system.
>
> Thank you for your help.
>
> Best
>
> Hans
>