Ubuntu
network-manager-applet package

none admin can change wireless

Bug #1320668 reported by Scott Hodgson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
network-manager-applet (Ubuntu)
New
Undecided
Unassigned

Bug Description

For a standard user "system settings" > "network settings" is locked for none admin users. However, they can chages network settings through nm-applet without sudo privledges.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: network-manager-gnome 0.9.8.8-0ubuntu4
ProcVersionSignature: Ubuntu 3.13.0-24.47-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
NonfreeKernelModules: wl
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
CurrentDesktop: Unity
Date: Sun May 18 17:25:48 2014
ExecutablePath: /usr/bin/nm-applet
IfupdownConfig:
 # interfaces(5) file used by ifup(8) and ifdown(8)
 auto lo
 iface lo inet loopback
InstallationDate: Installed on 2014-04-17 (30 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
IpRoute:
 default via 192.168.1.254 dev wlan0 proto static
 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.71 metric 9
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=true
 WWANEnabled=true
 WimaxEnabled=true
ProcEnviron:
 LANGUAGE=en_GB:en
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
SourcePackage: network-manager-applet
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-con:
 NAME UUID TYPE TIMESTAMP TIMESTAMP-REAL AUTOCONNECT READONLY DBUS-PATH
 Wired connection 1 939cc2b7-6206-4e00-966e-f5076a7f1a7c 802-3-ethernet 1400429445 Sun 18 May 2014 17:10:45 BST yes no /org/freedesktop/NetworkManager/Settings/1
 PlusnetWireless007F3B 84a8e5f1-a6bf-4066-b076-ba94081436b8 802-11-wireless 1400430345 Sun 18 May 2014 17:25:45 BST yes no /org/freedesktop/NetworkManager/Settings/0
nmcli-dev:
 DEVICE TYPE STATE DBUS-PATH
 eth0 802-3-ethernet unavailable /org/freedesktop/NetworkManager/Devices/1
 wlan0 802-11-wireless connected /org/freedesktop/NetworkManager/Devices/0
nmcli-nm:
 RUNNING VERSION STATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN
 running 0.9.8.8 connected enabled enabled enabled enabled disabled

Revision history for this message
Scott Hodgson (lgnux) wrote :
Seth Arnold (seth-arnold)
information type: Private Security → Public Security
Revision history for this message
Marc Deslauriers (mdeslaur) wrote : Bug is not a security issue

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

information type: Public Security → Public
Revision history for this message
Scott Hodgson (lgnux) wrote :

Thanks for the feedback, I am new to bug reporting. I would like you to reconsider the "security" tag based on the following.
I am implenting Ubuntu on an an "enterprise" scheme over multiple sites. The hardwired systems aren`t an issue, however, the notebooks - which can go from site to site - are. For example someone wants to access a site that goes against our policies/bypass proxy, or, a disgruntled user may be able to download lots of software that could be harmful to our systems. This can be done easily by personel mobile phones used as tethers - just wanted to point out the obvious, if it hadn't been thought of already. Also if I have set privleges correctly and someone can change a setting, which doesn't allow none sudoers access to be changed, then it is "cross privleges".

Hope this helps understand my security concerns.

Scott

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.