Bug 111578 - rwhod runs as root
rwhod runs as root
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: rwho (Show other bugs)
2
All Linux
medium Severity low
: ---
: ---
Assigned To: Phil Knirsch
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-12-05 13:06 EST by Andrew Taylor
Modified: 2015-03-04 20:13 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-25 16:27:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
spec file changes to run rwhod as a non-privileged user (744 bytes, patch)
2003-12-05 13:14 EST, Andrew Taylor
no flags Details | Diff
sysv init file changes to run rwhod as a non-privileged user (308 bytes, patch)
2003-12-05 13:20 EST, Andrew Taylor
no flags Details | Diff

  None (edit)
Description Andrew Taylor 2003-12-05 13:06:47 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6a)
Gecko/20031030

Description of problem:
The rwhod daemon has the ability to drop root privileges on its writer
process.  We might as well take advantage of this capability and run
it as a non-priviledged user.

Version-Release number of selected component (if applicable):
rwho-0.17-19

How reproducible:
Always

Steps to Reproduce:
Run rwhod.

Actual Results:  Runs as root.

Expected Results:  The writer process should be a non-priviledged user.
Comment 1 Andrew Taylor 2003-12-05 13:14:31 EST
Created attachment 96372 [details]
spec file changes to run rwhod as a non-privileged user
Comment 2 Andrew Taylor 2003-12-05 13:20:58 EST
Created attachment 96373 [details]
sysv init file changes to run rwhod as a non-privileged user

These patches make rwhod run the writer process as a new user called "rwhod".

As few notes:
the uid for rwhod is 49, which I chose at random.  It doesn't seem to conflict
with anything I've been able to find.  Is there a registry for system uids
somewhere?

Also, if an existing rwho RPM is updated, any files in /var/spool/rwho owned by
root will not be writable by rwhod, effectively freezing the rwho information
for those hosts in time.  Perhaps the spec file should do a chown?
Comment 3 Phil Knirsch 2004-10-18 11:34:32 EDT
Sounds like a good idea.

Investigating and discussing with folks here.

Read ya, Phil
Comment 4 Matthew Miller 2005-04-26 11:38:47 EDT
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.
Comment 5 John Thacker 2006-10-25 16:27:23 EDT
Closing per previous comment and lack of response.  Also note that FC1 and FC2
are no longer supported even by Fedora Legacy.

Note You need to log in before you can comment on or make changes to this bug.