Linux Mint 21.1 'Vera' Question 'SOLVED'

Alexzee

Well-Known Member
Joined
Jun 1, 2019
Messages
3,681
Reaction score
1,963
Credits
21,897
After reading about the new features for LM 21.1 it said in the article that:
The manager now runs in user mode so you no longer need a password to launch it.

Is this a security issue?

 
Last edited:


That's for the Driver Manager only, Alex, do you see that as an issue?

Chris
 
That's for the Driver Manager only, Alex, do you see that as an issue?

Chris
I wasn't sure if it's an issue.
I asked to see if other members that are already running LM 21.1 Vera would chime in and see what their experience was or has been.

*Also, a close relative is thinking about having me install this distro on his laptop and he wanted me to ask.
 
Other members will likely know better than I - I just installed it yesterday and am still getting the feel of it.

I might move this to Security, Alex, and it will attract attention from people such as Brian @Condobloke , @Lord Boltar , @Old Tom Bombadil and so on.

Ho Ho Ho

Wiz
 
I wouldn't consider it much of a security issue. You'd have to be logged in to do this in the first place.

If you leave your device unlocked around people you don't trust, you have bigger concerns than them updating your operating system for you.

You're pretty much always at risk of the Evil Maid attack vector, but this isn't something I'd lose sleep over. Heck, I have one device set up so that you don't even need a password for sudo. I figure once you log in you own the system. Anyone physically at the device owns the system, really.

If you're worried about that, your best bet would be to encrypt your /home and lock your device every time you're not sitting in front of it.
 
I wouldn't consider it much of a security issue. You'd have to be logged in to do this in the first place.

If you leave your device unlocked around people you don't trust, you have bigger concerns than them updating your operating system for you.

You're pretty much always at risk of the Evil Maid attack vector, but this isn't something I'd lose sleep over. Heck, I have one device set up so that you don't even need a password for sudo. I figure once you log in you own the system. Anyone physically at the device owns the system, really.

If you're worried about that, your best bet would be to encrypt your /home and lock your device every time you're not sitting in front of it.
Thanks, I'll share that information with the relatives.
 
No it is not a security issue - you have to login first and was most likely used was Setuid, which stands for (set user ID on execution), is a special type of file permission Linux and BSD. It is a security tool that permits users to run certain programs with escalated privileges. When an executable file's setuid permission is set, users may execute that program with a level of access that matches the user who owns the file - Mint most likely changed the setuid permissions on the driver manager by removing the password requirement, thereby it just launches
 
No it is not a security issue - you have to login first and was most likely used was Setuid, which stands for (set user ID on execution), is a special type of file permission Linux and BSD. It is a security tool that permits users to run certain programs with escalated privileges. When an executable file's setuid permission is set, users may execute that program with a level of access that matches the user who owns the file - Mint most likely changed the setuid permissions on the driver manager by removing the password requirement, thereby it just launches
I explained to my relative that the Driver Manager is for Nvidia, Intel or AMD GPU's.
He thought the Driver MGR was for the Software Center.

Thanks for explaining with details:-
 


Top