Reply to post: Shortsighted reaction on the side of Canonical

Ubuntu to shutter year-old clock unlock bug

Anonymous Coward

Shortsighted reaction on the side of Canonical

You can only change the clock using this bug, you say? This wouldn't be so bad in itself were it not for the following:

- SSL depends on a correct date and time setting to verify certificates

- different tools create hidden files in the user's home folder indicating previous successful root authentications

The second problem can be exploited very nicely. Change the system clock to *right* after one of those files was created, and it will think that you very recently authenticated as root and thus don't have to enter your password again. This can be used to gain full root access.
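Added example, not part of the original comment and not any tool's actual code: a freshness check on a cached-authentication record that trusts only the wall clock, next to one that uses a monotonic clock and a boot identifier and fails closed when the clocks disagree. The `Ticket` format, function names, 15-minute timeout, skew tolerance and sample values are all constructed for illustration.

```python
from dataclasses import dataclass

TIMEOUT = 15 * 60   # assumed grace period in seconds (constructed value)
MAX_SKEW = 60       # assumed tolerance between wall and monotonic elapsed time


@dataclass(frozen=True)
class Ticket:
    """Record written after a successful authentication (hypothetical format)."""
    wall: float    # wall-clock time; changes whenever the system clock is set
    mono: float    # monotonic seconds since boot; unaffected by clock changes
    boot_id: str   # boot the monotonic value belongs to


def naive_is_fresh(ticket: Ticket, now_wall: float) -> bool:
    """Weak check: trusts the wall clock, so setting the clock back revives a ticket."""
    return now_wall - ticket.wall < TIMEOUT


def hardened_is_fresh(ticket: Ticket, now_wall: float, now_mono: float, boot_id: str) -> bool:
    """Fail closed (ask for the password again) unless every check passes."""
    if ticket.boot_id != boot_id:          # monotonic time restarts on every boot
        return False
    age = now_mono - ticket.mono
    if not 0 <= age < TIMEOUT:             # real elapsed time decides freshness
        return False
    # Wall clock and monotonic clock disagree: the clock was stepped, so re-authenticate.
    return abs((now_wall - ticket.wall) - age) <= MAX_SKEW


def demo() -> dict:
    """Constructed scenario: one ticket checked in three situations (naive, hardened)."""
    t = Ticket(wall=1_000_000.0, mono=500.0, boot_id="boot-A")
    return {
        # 5 minutes later, clock untouched: both checks accept.
        "legit": (naive_is_fresh(t, 1_000_300.0),
                  hardened_is_fresh(t, 1_000_300.0, 800.0, "boot-A")),
        # 2 hours later, wall clock set back to 60 s after the ticket.
        "clock_set_back": (naive_is_fresh(t, 1_000_060.0),
                           hardened_is_fresh(t, 1_000_060.0, 7_700.0, "boot-A")),
        # After a reboot the monotonic counter is small again; the boot id differs.
        "after_reboot": (naive_is_fresh(t, 1_000_060.0),
                         hardened_is_fresh(t, 1_000_060.0, 100.0, "boot-B")),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

On Linux the inputs could come from `time.monotonic()` and `/proc/sys/kernel/random/boot_id`; the record itself also has to be stored where the unprivileged user cannot rewrite it.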
