clock riddle
Gregory Maxwell
gmaxwell at gmail.com
Tue Feb 24 06:40:40 UTC 2009
On Mon, Feb 23, 2009 at 5:30 PM, Chris Adams <cmadams at hiwaay.net> wrote:
> Once upon a time, Michal Jaegermann <michal at harddata.com> said:
>> On Mon, Feb 23, 2009 at 05:10:41PM -0430, Patrick O'Callaghan wrote:
>> > Why don't you simply state what you're talking about instead of asking
>> > riddles?
>>
>> I stated: "Anybody with a desktop session can mess with a system
>> clock at will. No root password or anything of that sort required".
>> I was curious if other people think that this is as serious as I know
>> it is.
>
> You've left it as a riddle as to how it would be done, as nobody else
> can reproduce what you claim. Without concrete details, you'll get
> quicksand responses.
Easily reproduced it here on a fresh F10 install where the user
account had never been subjected to the root password:
Right click the gnome clock applet, adjust date & time. It asks for a
password, the *user* password satisfies it. I never would have caught
this: My time is always set via NTP, and if I ever accidentally
clicked my way to that dialog I would have assumed that it wanted the
root password.
This shouldn't have been sent to this list: It should have been filed
as a confidential bug, it's CERT announcement material. I guess its
too late now.
A non-privileged "kick NTP" command is probably acceptable. An
adjustment of the per-user TZ variable is completely safe. A
non-privileged change-system-timezone *might* be safe, but that is
still a major change in the Unix security model so determining the
safety would take extensive analysis and discussion. It would probably
be better to transition to a model where the system timezone was
always UTC, and applications heeded a per-user timezone.
…but allowing regular users to simply adjust the time arbitrarily is
an absolute security disaster.
More information about the test
mailing list