This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 23151 - turn canna server off
turn canna server off
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: Canna (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Eido Inoue
Florence Beta-3
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-01-02 10:54 EST by Gerald Teschl
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-01-22 12:26:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Gerald Teschl 2001-01-02 10:54:44 EST
Canna will be started by default. Since this is a security risc it
should not be turned on by default.
Comment 1 Chris Evans 2001-01-02 18:57:01 EST
I consider this critical. Don't be fooled by the fact it seems to run as user
"wnn".
That's only the effective user-id, the real user-id is root, so who would be
surprised to get a remote root compromise from this. There was one not long ago,
I'm sure there will be more.

Why is this thing running with root privs anyway? Isn't it some form of font
thing?
Comment 2 Chris Evans 2001-01-02 19:05:23 EST
Oops - I'm not sure I mean user "wnn" (that's jserver), I think I mean
user "bin".
The rest is still all correct, including running as root.
Comment 3 Glen Foster 2001-01-11 16:13:53 EST
This defect is considered MUST-FIX for Florence Gold release
Comment 4 Matt Wilson 2001-01-22 12:26:19 EST
The Canna and FreeWnn packages are now installed if and only if the user selects
"support Japanese" in the installer.  The default for this is off when running
the installer in a language other than Japanese.

It won't even be installed with an Everything install unless you select to
support Japanese in the installer explicitly.

Note You need to log in before you can comment on or make changes to this bug.