Security issue: xfce pol kit allow others to sneak through
rdunlap at infradead.org
Wed May 27 08:51:25 CEST 2020
On 5/26/20 10:12 PM, ToddAndMargo wrote:
> On 2020-05-26 13:21, Chris Green wrote:
>> ToddAndMargo <ToddAndMargo at zoho.com> wrote:
>>> Hi All,
>>> Security issue
>>> Xfce 4.14
>>> Fedora 32, x64
>>> There is a security issue where in if you are prompted
>> Did you mean "... issue wherein if ..." or something else? It *is*
>> important in this sort of context IMHO.
Yes, I think that T&M meant "wherein".
> No sure what the nuance is you are looking for..
> If you start a program that triggers an xfce polkit
> prompt for the root's password, after entering the password,
> you can sneak other programs though that also trigger
> the xfce polkit, if you are quick enough.
> Xfce mailing list
> Xfce at xfce.org
Reported-by: Randy Dunlap <rdunlap at infradead.org>
More information about the Xfce