1 |
Erik Hahn schrieb am 06.10.2008 20:21: |
2 |
> On Mon, Oct 06, 2008 at 02:27:11PM +0200, Daniel Pielmeier wrote: |
3 |
>> 2008/10/6 Erik Hahn <erik_hahn@×××.de>: |
4 |
>>> No, it simply shouldn't change them, there's no reason to do that (to my |
5 |
>>> knowledge). |
6 |
>> I think it is a big security issue if a normal user could start |
7 |
>> arbitrary daemons with root privileges. So you should file a bug at |
8 |
> |
9 |
> It doesn't give anyone root privileges, it only sets wrong variables. |
10 |
> |
11 |
>> I think only root should be able to execute start-stop-daemon and the |
12 |
>> user should be changed with the proper command line switches. I |
13 |
>> actually don't know if it is --chuid or --user as this has changed |
14 |
>> between old baselayout and new openrc. |
15 |
> |
16 |
> Why's that? Running a program with user privileges is no security |
17 |
> problem at all. |
18 |
|
19 |
I got the intention the program is started with root privileges when |
20 |
using start-stop-daemon. |
21 |
|
22 |
Nevertheless I can reproduce your problem with the wrong variables. I |
23 |
think it should set the variables appropriate for the user running |
24 |
start-stop-daemon. So you should file a bug report about that. |
25 |
|
26 |
Regards, |
27 |
|
28 |
Daniel |