Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Fedora 19/20/21 > Security and Privacy
FedoraForum Search

Forgot Password? Join Us!

Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 19th June 2007, 01:31 PM
pepe123 Offline
Registered User
 
Join Date: Jun 2007
Posts: 97
i can start apps with root-privilages without entering the password

i have fc7 with all up-to-date updates. i use kde and i noticed some strange behaviour:

usually some "apps" like SELinux manger, date&time etc require a root passw to run (as it should be). and in kde there is a option for the cursor to bounce for up to 30 sec. when starting apps.

so when I start (for instance) SElinux Manager i have time (up to 30 sec) to start any other app that require root-passw without actually entering the passw itself. after these 30 sec, or when i close/terminate the first app i need to reenter the root-passw again.

Can someone help me to disable this
Reply With Quote
  #2  
Old 19th June 2007, 08:37 PM
hceylan Offline
Registered User
 
Join Date: Oct 2004
Location: Istanbul Turkey
Age: 40
Posts: 93
Do you see an icon on the notification applet that says "keep authorization"/"Forget authorization"

That might be the cause. If you close the privileged application, this sometimes automaticly forgets authorization

Hasan Ceylan
Reply With Quote
  #3  
Old 19th June 2007, 08:45 PM
pepe123 Offline
Registered User
 
Join Date: Jun 2007
Posts: 97
Quote:
Originally Posted by hceylan
Do you see an icon on the notification applet that says "keep authorization"/"Forget authorization"

That might be the cause. If you close the privileged application, this sometimes automaticly forgets authorization

Hasan Ceylan

There is absolutely no icon, no message, nothing. (I even didn't know, there should be one )
Reply With Quote
  #4  
Old 19th June 2007, 09:01 PM
hceylan Offline
Registered User
 
Join Date: Oct 2004
Location: Istanbul Turkey
Age: 40
Posts: 93
I occasionally see it is in the shape of a yellow shield.. Just though this could be...

Sorry for not working out...

Hasan Ceylan
Reply With Quote
  #5  
Old 19th June 2007, 09:12 PM
sideways Offline
Retired User
 
Join Date: Oct 2004
Location: London, UK
Posts: 4,999
You can specify the number of seconds the authorization lasts for by adding a timestamp_timeout=secs directive to the auth timestamp.so line in /etc/pam.d/config-util

eg to set it to zero use

Code:
auth            sufficient      pam_timestamp.so timestamp_timeout=0
Now you will always have to type in the root password for config utils even if one has just been opened and the password enterered (alternatively set it really high, for a really insecure system, that won't prompt for passwords too much)
Reply With Quote
  #6  
Old 19th June 2007, 09:15 PM
hceylan Offline
Registered User
 
Join Date: Oct 2004
Location: Istanbul Turkey
Age: 40
Posts: 93
pepe123 I think that was profitable day for both of us

Thanks for the tip sideways
Reply With Quote
  #7  
Old 21st June 2007, 05:27 PM
pepe123 Offline
Registered User
 
Join Date: Jun 2007
Posts: 97
Quote:
Originally Posted by hceylan
pepe123 I think that was profitable day for both of us

Thanks for the tip sideways
Therefore I switched from opensuse10.2 opensuse is a great linux distro, but I like fedora more. there are more packages and a great community support for fedora. I just like it despite of the problems.

By the way, after applying the timestamp_timeout=0, there are sometimes (a lot rare, though) some apps that still can be started without a root-passwd. I think it is a problem of some selinux-policy, e.g while checking for permission i have some secs to start something else.
Reply With Quote
  #8  
Old 21st June 2007, 05:53 PM
sideways Offline
Retired User
 
Join Date: Oct 2004
Location: London, UK
Posts: 4,999
some of the config utils have their own timestamp config, system-config-selinux is one, system-config-lvm is another, just apply the same directive in the relevant /etc/pam.d/ module

edit

that might be system-config-securitylevel, sorry, I think it changed between fc6 and f7?

Last edited by sideways; 21st June 2007 at 05:58 PM.
Reply With Quote
Reply

Tags
apps, entering, password, rootprivilages, start

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Certain Apps Won't Start as non-root, Qt? tgerbert Using Fedora 18 28th March 2009 10:14 AM
how to create user with root privilages anitha2324 Using Fedora 11 16th June 2008 03:02 PM
Entering su password in a script imfromwales Using Fedora 21 25th January 2008 05:56 PM
Entering security password bopmatic Servers & Networking 5 29th September 2007 03:37 AM
K3B complaining about cdrdao not having root privilages in FC6 Ambiguous-69 EOL (End Of Life) Versions 1 20th June 2007 02:40 PM


Current GMT-time: 22:29 (Thursday, 18-12-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat
Creek Side - Stockholm-Arlanda Airport (ARN) Travel Photos on Instagram - Marina of Koper Travel Photos - Te Whiti Park Instagram Photos - Texas State Fair Photos on Instagram