FS#66893 - [ddclient] runs as root by default.
Attached to Project:
Community Packages
Opened by blur (blur) - Thursday, 04 June 2020, 09:46 GMT
Last edited by T.J. Townsend (blakkheim) - Thursday, 01 June 2023, 20:20 GMT
Opened by blur (blur) - Thursday, 04 June 2020, 09:46 GMT
Last edited by T.J. Townsend (blakkheim) - Thursday, 01 June 2023, 20:20 GMT
|
Details
Description:
The ddclient service runs as root by default. The default cron config also suggest to run the client as root. $ ps -aux | grep ddclient root 2556227 5.0 0.1 31260 24516 ? S 11:42 0:00 ddclient - sleeping for 300 seconds The client can also run as a user, provided the files permissions are set accordingly. It should not run as root by default, specially if it is running as a daemon. Additional info: $ sudo pacman -Qi ddclient Name : ddclient Version : 3.9.1-1 Description : Update dynamic DNS entries for accounts on many dynamic DNS services Architecture : any URL : https://github.com/ddclient/ddclient Licenses : GPL2 Groups : None Provides : None Depends On : perl-io-socket-inet6 perl-io-socket-ssl perl-digest-sha1 net-tools perl-data-validate-ip Optional Deps : smtp-forwarder: email support requires sendmail binary Required By : None Optional For : None Conflicts With : None Replaces : None Installed Size : 222.29 KiB Packager : Johannes Löthberg <johannes@kyriasis.com> Build Date : Thu 16 Jan 2020 21:54:12 CET Install Date : Sun 01 Mar 2020 19:01:29 CET Install Reason : Explicitly installed Install Script : No Validated By : Signature $ uname -a Linux homepc 5.6.11-arch1-1 #1 SMP PREEMPT Wed, 06 May 2020 17:32:37 +0000 x86_64 GNU/Linux upstream link: https://github.com/ddclient/ddclient/issues/109 |
This task depends upon
Comment by
T.J. Townsend (blakkheim) - Friday,
21 April 2023, 22:08 GMT
As far as I can tell, this is an upstream issue. Do you have a
patch to implement proper privilege separation by default?
Otherwise I think we should close this downstream bug report until
they figure out how they want to handle it.