Fedora/RedHat ConsoleHelper Privileged Access Preserved

["Jonathan A. Zdziarski" <jonathan () nuclearelephant com>]

I noticed running Gnome 2.4 on Fedora that privileged access acquired
via the console helper (and pam) is preserved after the user logs out
and back in, for at least an adequate amount of time to log back in and
retain root privileges.

In general, people don't share accounts but this could present a problem
on a shared NOC machine or a machine with a single administrative
account that is managed remotely.  If a user logs out after being
granted privileged access, another user can log right back in to the
administrative account and still have this access.

As I said this isn't a big deal since most systems will have individual
user accounts, but this isn't always the case.  

Jonathan


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html