You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ordinary users open the tuned-gui desktop program, pop up the authentication and authorization interface, click the cancel authentication button, and enter the tuned-gui program
#554
Open
weiyaping20 opened this issue
Sep 13, 2023
· 1 comment
【 Title Description 】 Ordinary users can open the tuned-gui desktop program, pop up the authentication interface, click the cancel authentication button, and enter the tuned-gui interface
Environmental Information
Software information:
Tuned-2.20.0-1. el9. noarch
Tuned-gtk-2.20.0-1. el9. noarch
Problem Recurrence Steps
Yum install tuned-gtk - y
Ordinary users log in to the graphical desktop. Click on the tuned gui icon to pop up the authentication interface
Expected results
After clicking the cancel authentication button, you will not enter the tuned interface
After authorization is approved, other settings should not pop up the authentication box again
Actual results
After clicking the cancel authentication button, directly enter the tuned interface
After the password authorization is passed, the authentication box will pop up again when setting other items. Click the cancel button, and the status of the setting item has been modified, but it is not actually effective; Ordinary users will enter this interface again to display the previous settings status
The text was updated successfully, but these errors were encountered:
Unauthorized user is not allowed to do any changes that requires authorization, so it shouldn't be security related. I agree the code could be improved to disable all the options for which user is unauthorized or the code could re-request authorization when needed. Unfortunately, it doesn't seem like a trivial code change. Also patches are welcome.
【 Title Description 】 Ordinary users can open the tuned-gui desktop program, pop up the authentication interface, click the cancel authentication button, and enter the tuned-gui interface
Environmental Information
Software information:
Problem Recurrence Steps
Expected results
Actual results
The text was updated successfully, but these errors were encountered: