/proc/$pid/* gets too restrictive permissions for g-s-t tools
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
policykit (Ubuntu) |
Fix Released
|
High
|
Martin Pitt |
Bug Description
Binary package hint: gnome-system-tools
gnome-system-tools relies on PolicyKit to check privileges, and PolicyKit-gnome 0.6 requires reading /proc/$pid/exe to know the executable binary path, however this is what I get when running any g-s-t tool (didn't see it with other executables):
$ ps -ef | grep "network-admin"
carlos 9385 8497 0 20:35 pts/1 00:00:00 ./network-admin
$ ls -l /proc/9385/exe
ls: cannot read symbolic link /proc/9385/exe: Permission denied
lrwxrwxrwx 1 root root 0 2008-01-07 20:36 /proc/9385/exe
When pressing the "unlock" button, PolicyKit-gnome should show a dialog to ask for the user/admin password, but due to these permissions, it fails, g-s-t was incorrectly interpreting the error as a successful reply (fixed in svn trunk), but there's clearly a much bigger underlying problem, so the possible solutions are:
1) Check where does the /proc/$pid entry for g-s-t tools get such permissions and unpatch/fix it
2) Update to PolicyKit 0.7, where the exec path isn't anymore a hard requirement
I'm reporting it to the g-s-t package as it's where it's visible
Related branches
Changed in gnome-system-tools: | |
milestone: | ubuntu-8.04 → hardy-alpha-3 |
Changed in gnome-system-tools: | |
assignee: | desktop-bugs → pitti |
milestone: | hardy-alpha-3 → ubuntu-8.04 |
status: | Confirmed → In Progress |
Thank you for the detail bug report, I've subscribed Martin who might know about the issue