237811 – app-portage/autounmask-0.21 falsly refuses to run without root access

Bug 237811 - app-portage/autounmask-0.21 falsly refuses to run without root access

Summary: app-portage/autounmask-0.21 falsly refuses to run without root access

Status:	RESOLVED FIXED

Alias:	None

Product:	Portage Development
Classification:	Unclassified
Component:	Tools (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Christian Hartmann (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	290942
	Show dependency tree

Reported:	2008-09-16 07:33 UTC by Steen Eugen "Miravlix" Poulsen
Modified:	2009-10-28 21:33 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
fixes group comparison and optimizes slow python call (autounmask.patch,489 bytes, patch) 2009-10-28 21:19 UTC, Tim Spriggs	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Steen Eugen "Miravlix" Poulsen 2008-09-16 07:33:33 UTC

autounmask has a hard coded check for whatever it's run as root, but their is nothing the program does that requires root access.

It simply requires random joe user emerge privileges and editing rights to /etc/portage none of this has to be root restricted.

I find it a borderline security issue that a tool that does not need root, claims so anyway and forces the user to enter root level access to run it.

Reproducible: Always

Comment 1 Christian Hartmann (RETIRED) gentoo-dev

2009-04-03 18:36:32 UTC

Jep. Fixed in 0.25.

Comment 2 Tim Spriggs 2009-10-28 21:19:47 UTC

Created attachment 208579 [details, diff]
fixes group comparison and optimizes slow python call

re-fixes this issue and optimizes the python call.