Again, opiepasswd does _not_ check the user id and act appropriately, so it should _not_ be made setuid, unless that issue is addressed, as it would allow any user to modify any other user's keys, AFAICT.
However, to address Thomas's comment: opiepasswd modifies an individual user's opie keys, and that user shouldn't necessarily be expected to have sudo access. opiepasswd ought to work analogously to passwd, and allow a user to change his own (opie)passwd information without becoming root. -- opieinfo isn't setuid, whilst opiepasswd is https://bugs.launchpad.net/bugs/61335 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
