blob: 569dd2a8c56532427bd70ea2957292cdbb87e05e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
@product
Feature: Root access control enforcement
As a Tails user
when I set an administration password in Tails Greeter
I can use the password for attaining administrative privileges.
But when I do not set an administration password
I should not be able to attain administration privileges at all.
Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges.
Given I set sudo password "asdf"
And I log in to a new session
And Tails Greeter has dealt with the sudo password
Then I should be able to run administration commands as the live user
Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges.
Given I have started Tails from DVD without network and logged in
And Tails Greeter has dealt with the sudo password
Then I should not be able to run administration commands as the live user with the "" password
And I should not be able to run administration commands as the live user with the "amnesia" password
And I should not be able to run administration commands as the live user with the "live" password
Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit
Given I set sudo password "asdf"
And I log in to a new session
And Tails Greeter has dealt with the sudo password
And GNOME has started
And running a command as root with pkexec requires PolicyKit administrator privileges
Then I should be able to run a command as root with pkexec
Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords.
Given I have started Tails from DVD without network and logged in
And running a command as root with pkexec requires PolicyKit administrator privileges
Then I should not be able to run a command as root with pkexec and the standard passwords
|