diff options
author | Karel Zak | 2015-05-26 10:32:38 +0200 |
---|---|---|
committer | Karel Zak | 2015-05-26 10:32:38 +0200 |
commit | 687cc5d58942b24a9f4013c68876d8cbea907ab1 (patch) | |
tree | 2b83b6fd3bac3acb9a31acd2967e6a7ef3177af4 /sys-utils/hwclock.8.in | |
parent | sulogin: don't use strcpy(), enlarge pwd line buffer (diff) | |
download | kernel-qcow2-util-linux-687cc5d58942b24a9f4013c68876d8cbea907ab1.tar.gz kernel-qcow2-util-linux-687cc5d58942b24a9f4013c68876d8cbea907ab1.tar.xz kernel-qcow2-util-linux-687cc5d58942b24a9f4013c68876d8cbea907ab1.zip |
hwclock: don't allow non-root access
Fortunately very few people are crazy enough to install hwclock as
setuid. Some comments in code and unfortunately also man page
advertising that setuid is no problem. That's pretty stupid promise.
The code quality is poor and it's obviously not designed to be secure
(things like popen() without drop privileges, etc.).
This patch removes all notes about "setuid support" and for sure
disable hwclock execution for non-root users.
Addresses: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'sys-utils/hwclock.8.in')
-rw-r--r-- | sys-utils/hwclock.8.in | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/sys-utils/hwclock.8.in b/sys-utils/hwclock.8.in index 9926ed479..ddf42a27f 100644 --- a/sys-utils/hwclock.8.in +++ b/sys-utils/hwclock.8.in @@ -577,21 +577,6 @@ This second field is not used under Linux and is always zero. See also .BR \%settimeofday (2). . -.SS User access and setuid -.PP -Sometimes, you need to install -.B \%hwclock -setuid root. If you want users other than the superuser to be able to -display the clock value using the direct ISA I/O method, install it setuid -root. If you have the rtc device interface on your system, or are on a non-ISA -compatible system, there is probably no need for users to have the direct -ISA I/O method, so do not bother. See the -.BR \-\-rtc " option." -.PP -In any case, \fBhwclock\fR will not allow you to set anything unless you have the -superuser real uid. (This restriction is not necessary if you haven't -installed setuid root, but it's there for now.) -. .SS Hardware Clock Access Methods .PP .B \%hwclock |