[Pkg-kde-extras] Bug#427583: kwlan: can't be set up in a trustworthy manner

Yann Vernier yann at algonet.se
Tue Jun 5 01:28:44 UTC 2007


Package: kwlan
Version: 0.6.1-2+b1
Severity: important

kwlan uses kdesu to run arbitrary, unknown commands as root. The
documentation says "You need to be able to run networking relevant
commands like dhclient, ifconfig, iwconfig, route and wpa_supplicant."
The phrasing indicates that this is NOT sufficient information to answer
the question (What programs does a user need to be able to run using
sudo?), and there does not seem to be a correct answer. Checking my
auth.log, it seems it only runs one command:

Jun  5 03:05:21 zex sudo:     yann : TTY=pts/3 ; PWD=/home/yann ;
USER=root ; COMMAND=/usr/bin/kdesu_stub -

In other words, it runs a stub for *arbitrary control*. Even this is run
hidden from me by a window that requests my or root's password without
hinting at what command it's talking about. I would like for the
question to have a proper answer, i.e. run the commands in question
using sudo, not a strange wrapper, and list the commands. 


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core)
Locale: LANG=sv_SE.ISO-8859-15, LC_CTYPE=sv_SE.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages kwlan depends on:
ii  kdelibs4c2a          4:3.5.7.dfsg.1-1    core libraries and binaries for al
ii  libc6                2.5-9               GNU C Library: Shared libraries
ii  libgcc1              1:4.2-20070525-1    GCC support library
ii  libiw29              29~pre21-2          Wireless tools - library
ii  libqt3-mt            3:3.3.7-4+b1        Qt GUI Library (Threaded runtime v
ii  libstdc++6           4.2-20070525-1      The GNU Standard C++ Library v3
ii  ppp                  2.4.4rel-9          Point-to-Point Protocol (PPP) daem
ii  psmisc               22.5-1              Utilities that use the proc filesy
ii  sudo                 1.6.8p12-5          Provide limited super user privile
ii  wpasupplicant        0.6.0~cvs20070224-3 Client support for WPA and WPA2 (I

kwlan recommends no packages.

-- no debconf information
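
The check described in the report, as an added example that is not part of the original message or of kwlan: it reads sudo entries from an auth.log and marks each root command as documented, undocumented, or hidden behind a wrapper. The names `DOCUMENTED`, `OPAQUE_WRAPPERS`, `classify` and `audit` are hypothetical, and every sample line except the first is constructed.

```python
import os
import re

# Commands named in the kwlan documentation quoted in the report.
DOCUMENTED = {"dhclient", "ifconfig", "iwconfig", "route", "wpa_supplicant"}
# Assumption of this example: a wrapper that is handed its real command
# out of band, so the sudo log entry cannot show what ran as root.
OPAQUE_WRAPPERS = {"kdesu_stub"}

# Matches sudo's command log entries, with or without a "[pid]" suffix.
SUDO_RE = re.compile(
    r"sudo(?:\[\d+\])?:\s+(?P<user>\S+) : .*?USER=(?P<runas>\S+) ; "
    r"COMMAND=(?P<cmd>\S.*)$"
)

def classify(line):
    """Return (user, command, verdict) for a root sudo entry, else None."""
    m = SUDO_RE.search(line.rstrip("\n"))
    if m is None or m.group("runas") != "root":
        return None
    cmd = m.group("cmd")
    name = os.path.basename(cmd.split()[0])
    if name in OPAQUE_WRAPPERS:
        verdict = "opaque-wrapper"
    elif name in DOCUMENTED:
        verdict = "documented"
    else:
        verdict = "undocumented"
    return m.group("user"), cmd, verdict

def audit(lines):
    """Classify every sudo command entry found in an iterable of log lines."""
    return [r for r in map(classify, lines) if r is not None]

PREFIX = "Jun  5 03:06:02 zex sudo:     yann : TTY=pts/3 ; PWD=/home/yann ; USER=root ; "
SAMPLE = [
    # Entry from the report, joined onto one line as sudo writes it.
    "Jun  5 03:05:21 zex sudo:     yann : TTY=pts/3 ; PWD=/home/yann ; "
    "USER=root ; COMMAND=/usr/bin/kdesu_stub -",
    # Constructed entries for comparison.
    PREFIX + "COMMAND=/sbin/iwconfig eth1 essid example",
    PREFIX + "COMMAND=/usr/bin/apt-get update",
    "Jun  5 03:06:02 zex sudo: pam_unix(sudo:session): session opened for user root",
]

if __name__ == "__main__":
    for user, cmd, verdict in audit(SAMPLE):
        print(f"{verdict:15} {user} -> {cmd}")
```

An `opaque-wrapper` verdict means the log alone cannot answer which programs ran as root, which is the gap the report describes.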



