← Back to team overview

ubuntustudio-bugs team mailing list archive

  1. ubuntustudio-bugs team
  2. Mailing list archive
  3. Message #00151

[Bug 1334056] Re: LibreOffice opens a TCP port on localhost and doesn't start if the port is blocked

  Thread PreviousDate PreviousThread Next 
Thanks for this report; I'm unmarking the 'security' flag after a quick
inspection of the changes introduced in the most recent update show
significant reworking of bluetooth connectivity including some work for
remotecontrol devices. It seems more likely to me that requiring a TCP
port to localhost is from these than a mistaken debug mode.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to libreoffice in Ubuntu.
Matching subscriptions: Ubuntu Studio Bugs
https://bugs.launchpad.net/bugs/1334056

Title:
  LibreOffice opens a TCP port on localhost and doesn't start if the
  port is blocked

Status in “libreoffice” package in Ubuntu:
  New

Bug description:
  I am on Kubuntu 14.04 amd64 with latest packages of everything
  (libreoffice-core = Version: 1:4.2.4-0ubuntu2).

  LibreOffice was working fine until about 2014-06-22 - thats the modification date of the last file which I edited with it.
  Somewhere between 2014-06-22 and 2014-06-24, a package was auto-updated and now it won't start anymore. 
  It hangs at the splash screen.

  I've figured out the reason: LibreOffice opens a random TCP port on 127.0.0.1 and tries to connect to it. Because I have blocked connections to localhost in my firewall, the connection fails, resulting in the hang. If I open the port, it works.
  I cannot add a firewall rule to fix this permanently though because the port is chosen randomly.
  And why does a text editor need a TCP port anyway?

  Please do one of the following:
  - Check whether this is debug functionality which has accidentally been left in. It might be a security issue, so I filed this as security. Please remove the flag if it is not.
  - Add a way of configuring it to disable the TCP stuff.
  - Add a way of configuring which port is used .

  Please do not tell me that denying access to localhost is nonsense:
  There are certain daemons which do not provide authentication
  mechanisms, and there are multiuser machines. If I want to protect
  those daemons on a multiuser machine I need to deny localhost
  connections by default and work with whitelisting allowed types of
  connections.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1334056/+subscriptions
  Thread PreviousDate PreviousThread Next