On Mon, Feb 23, 2009 at 5:30 PM, Chris Adams <cmadams@xxxxxxxxxx> wrote:
> Once upon a time, Michal Jaegermann <michal@xxxxxxxxxxxx> said:
>> On Mon, Feb 23, 2009 at 05:10:41PM -0430, Patrick O'Callaghan wrote:
>> > Why don't you simply state what you're talking about instead of asking
>> > riddles?
>>
>> I stated: "Anybody with a desktop session can mess with a system
>> clock at will. No root password or anything of that sort required".
>> I was curious if other people think that this is as serious as I know
>> it is.
>
> You've left it as a riddle as to how it would be done, as nobody else
> can reproduce what you claim. Without concrete details, you'll get
> quicksand responses.

Easily reproduced it here on a fresh F10 install where the user account had never been subjected to the root password:

Right click the gnome clock applet, adjust date & time. It asks for a password, the *user* password satisfies it.

I never would have caught this: My time is always set via NTP, and if I ever accidentally clicked my way to that dialog I would have assumed that it wanted the root password.

This shouldn't have been sent to this list: It should have been filed as a confidential bug, it's CERT announcement material. I guess it's too late now.

A non-privileged "kick NTP" command is probably acceptable. An adjustment of the per-user TZ variable is completely safe. A non-privileged change-system-timezone *might* be safe, but that is still a major change in the Unix security model so determining the safety would take extensive analysis and discussion. It would probably be better to transition to a model where the system timezone was always UTC, and applications heeded a per-user timezone.

…but allowing regular users to simply adjust the time arbitrarily is an absolute security disaster.

--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list