Opened 7 years ago

Closed 7 years ago

#115 closed Feature Request (wontfix)

PCBSD Update Manager should require root password to install updates

Reported by: pheet Owned by:
Priority: critical Milestone:
Component: PC-BSD Updater Version:
Keywords: update, manager, root, security Cc:

Description

The new Update Manager in 1.5 does not require the root password to install system updates as it runs through sudo as root NOPASSWD. I consider this a security risk.

My suggestion would be to split the update manager into 2 seperate programs:

1) GUI + the code that checks for and downloads the updates. Set as 770 root:wheel

2) Non-gui code that actually performs the updates set as 700 root:wheel , called via kdesu by the first part.

This would avoid the annoyance of being prompted for the root password when every wheel user logs in to start the manager, but without compromising BSD's security.

(One could provide an option in the GUI for the current behaviour if desired, which would chmod g+rx the 2nd part (and stop launching it thru kdesu). )

Change History (2)

comment:1 Changed 7 years ago by pheet

Oops, I meant

1) GUI + the code that checks for and downloads the updates. Set as 750 root:wheel

comment:2 Changed 7 years ago by kris

  • Resolution set to wontfix
  • Status changed from new to closed

The update manager was created this way be design, so that users can easily update the system / PBIs without having to enter a password each time. However, you can easily remove the sudo entry, and then when you run the update manager, use kdesu to launch it as root.

Possibly down the road this may be changed, but for the moment it is not planned.

Note: See TracTickets for help on using tickets.