Software runs as root
Bug #401107 reported by
Fred
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
acpid (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
bluez (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
cron (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
cups (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
devicekit (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
devicekit-disks (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
devicekit-power (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
dhcp3 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
gdm (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
lightdm (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
network-manager (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
ntfs-3g (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
samba (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
wpasupplicant (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
xorg (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
xorg-server (Ubuntu) |
Won't Fix
|
Wishlist
|
Unassigned |
Bug Description
Software runs as root.
This is bad, it should not run as a superuser, it is dangerous in terms of system security. This is unsafe.
It should safely run as a non-privileged user.
Following the principle of least privilege.
http://
description: | updated |
tags: | added: superuser |
description: | updated |
visibility: | private → public |
no longer affects: | consolekit (Ubuntu) |
no longer affects: | modemmanager (Ubuntu) |
no longer affects: | udev (Ubuntu) |
no longer affects: | upower (Ubuntu) |
To post a comment you must log in.
Thanks for opening this bug report.
Most of the daemons you've listed run as superuser as that is the only way to have the necessary privileges for them to operate correctly. In some cases, the daemons are protected by AppArmor profiles. This is the case with cups and dhcp3.
If you have discovered a way of running some of the daemons you've listed above as a non-root user, without losing functionality, please open a separate bug report for each of them that includes instructions/ patches.
Thank you.