← Back to team overview

desktop-packages team mailing list archive

[Bug 401107] Re: Software runs as root

 

Security vulnerabilities must not be ignored!

Robert,
Cant LightDM use AppArmor or PolicyKit?

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/401107

Title:
  Software runs as root

Status in “acpid” package in Ubuntu:
  Invalid
Status in “bluez” package in Ubuntu:
  Invalid
Status in “cron” package in Ubuntu:
  Invalid
Status in “cups” package in Ubuntu:
  Invalid
Status in “devicekit” package in Ubuntu:
  Invalid
Status in “devicekit-disks” package in Ubuntu:
  Invalid
Status in “devicekit-power” package in Ubuntu:
  Invalid
Status in “dhcp3” package in Ubuntu:
  Invalid
Status in “gdm” package in Ubuntu:
  Invalid
Status in “lightdm” package in Ubuntu:
  Invalid
Status in “network-manager” package in Ubuntu:
  Invalid
Status in “ntfs-3g” package in Ubuntu:
  Invalid
Status in “samba” package in Ubuntu:
  Invalid
Status in “wpasupplicant” package in Ubuntu:
  Invalid
Status in “xorg” package in Ubuntu:
  Invalid
Status in “xorg-server” package in Ubuntu:
  Won't Fix

Bug description:
  Software runs as root.
  This is bad, it should not run as a superuser, it is dangerous in terms of system security. This is unsafe.
  It should safely run as a non-privileged user.

  Following the principle of least privilege.
  http://en.wikipedia.org/wiki/Principle_of_least_privilege

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/acpid/+bug/401107/+subscriptions