Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Mar 2012 19:45:09 -0700
From: Tim Sammut <>
CC: security <>
Subject: CVE Request: PolicyKit change allows users in "wheel" group to become
 root without a password


Please assign a CVE to this issue.

An intended change in PolicyKit [1] version 0.103 [2] allows users of
the "wheel" group to become root without providing the root password.
While this was intentional, we believe it presents a security concern
for our users [3].



thank you

Tim Sammut ~ Gentoo Security Team ~ C2375493

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ