Samsung installer causes OpenOffice.org to run as root(!)

Bug #110724 reported by Matthew Wardrop
Affects | Status | Importance | Assigned to | Milestone
openoffice.org (Ubuntu) | Invalid | Undecided | Unassigned |

Bug Description

Binary package hint: openoffice.org

I have no idea how this happens, but it scares me.

OpenOffice when run by ANY user, loads as if it were being run by root. They can save and change any file that root can, without even being queried for authentication.

I really want to dump this installation now, and reinstall... But before I do, is there any way I can help you fix this critical issue?

I will perform my own analysis before I reinstall it all.

Kind Regards,
Matthew

Marco Rodrigues (gothicx) wrote :

kmos@bash:~$ ps xua |grep writer
kmos 8596 0.0 0.0 1712 520 ? S 11:11 0:00 /bin/sh /usr/lib/openoffice/program/soffice -writer -splash-pipe=5
kmos 8614 4.3 5.7 175768 59460 ? Sl 11:11 0:01 /usr/lib/openoffice/program/soffice.bin -writer -splash-pipe=5

I think you're running root, instead of your own account.

Changed in openoffice.org:
status: Unconfirmed → Rejected

Matthew Wardrop (mister.wardrop) wrote :

This happens every time I upgrade to gutsy... and since I love using the beta software, I will have to put up with it until it is fixed.

Matthew Wardrop (mister.wardrop) wrote :

I know that I am not running as root. I have tested it in my own admin account (the default account made with ubuntu install), and with a completely unprivileged one. Both have the same perturbing results.

I am willing to offer ssh access for anyone who thinks it will help.

Scott Kitterman (kitterman) wrote :

Gutsy is NOT Beta software. Do NOT run Gutsy. The serious developers don't even run it yet. It's not at a point where it's meant to be runnable. If you do run Gutsy, don't file bugs about it. At this point in its development, it's meant to be broken.

Matthew Wardrop (mister.wardrop) wrote :

Sorry... I was not aware that bugs were not to be filed for gutsy... and I thought it was quite a serious issue.

Sorry for bothering you unnecessarily.

Kind Regards,
Matthew

Mikael Nilsson (mini) wrote :

Scott: Encouraging users not to run Gutsy is fine, but if a bug is found, of course it should be submitted, the sooner the better. How else are we going to find the bugs???

Matthew: would you try running

ps xua |grep writer

and

id

after starting openoffice?

Matthew Wardrop (mister.wardrop) wrote : Re: [Bug 110724] Re: OpenOffice runs as root for all users

Actually - Given that I needed OpenOffice in a usable state for my uni work,
and it regularly crashed on standard files (as well as having this root
problem), I reinstalled feisty.

If you would like, I will install gutsy again on a test partition, and play
with it there, and report back. The problem is not reproducible for you?

Kind Regards,
Matthew

On 5/5/07, Mikael Nilsson <email address hidden> wrote:
>
> Scott: Encouraging users not to run Gutsy is fine, but if a bug is
> found, of course it should be submitted, the sooner the better. How else
> are we going to find the bugs???
>
> Matthew: would you try running
>
> ps xua |grep writer
>
> and
>
> id
>
> after starting openoffice?

Matthew Wardrop (mister.wardrop) wrote : Re: OpenOffice runs as root for all users

Ahm... This is not good. The same issue is now occurring in feisty... without any upgrades from gutsy.

The output from ps xua | grep writer is:
1000 23627 0.0 0.0 2892 776 pts/1 S+ 12:17 0:00 grep writer
Which indicates that it SHOULD not have root access, right? UID 1000 is my normal ubuntu account.

id yields:
uid=1000(themadhatter) gid=1000(themadhatter) groups=4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),104(scanner),112(netdev),113(lpadmin),115(powerdev),117(admin),1000(themadhatter),1001(vboxusers)

I would very much like this issue resolved...
Kind Regards,
Matthew

Mikael Nilsson (mini) wrote :

You only found the "grep" process... You need to find the OO process.

Matthew Wardrop (mister.wardrop) wrote : Re: [Bug 110724] Re: OpenOffice runs as root for all users

:$... Sorry - that is quite embarrassing.

The two you are after are:
1000 8526 0.0 0.0 1712 520 ? S 17:56 0:00 /bin/sh /usr/lib/openoffice/program/soffice -writer -splash-pipe=5
root 8544 5.4 6.1 174012 63372 ? Sl 17:56 0:01 /usr/lib/openoffice/program/soffice.bin.bin -writer -splash-pipe=5

The shell wrapper soffice is being run by me, and then, without any
authentication prompt (in any case), soffice.bin.bin (the actual OOo
process) is being triggered to run as root.

Any ideas?

Kind Regards,
Matthew

Mikael Nilsson (mini) wrote :

Interesting, why soffice.bin.bin???? Try

ls -l /usr/lib/openoffice/program/soffice*

/Mikael

Sat 2007-05-05 at 07:58 +0000, Matthew Wardrop wrote:
> :$... Sorry - that is quite embarrassing.
>
> The two you are after are:
> 1000 8526 0.0 0.0 1712 520 ? S 17:56 0:00 /bin/sh
> /usr/lib/openoffice/program/soffice -writer -splash-pipe=5
> root 8544 5.4 6.1 174012 63372 ? Sl 17:56 0:01
> /usr/lib/openoffice/program/soffice.bin.bin -writer -splash-pipe=5
>
> The shell wrapper soffice is being run by me, and then, without any
> authentication prompt (in any case), soffice.bin.bin (the actual OOo
> process) is being triggered to run as root.
>
> Any ideas?
>
> Kind Regards,
> Matthew
>
--
<email address hidden>

Plus ça change, plus c'est la même chose

Matthew Wardrop (mister.wardrop) wrote : Re: OpenOffice runs as root for all users

I replied to the email, but they seem not to have appeared here....

Thanks for your interest!

ls -l /usr/lib/openoffice/program/soffice*
-rwxr-xr-x 1 root root 9226 2007-04-11 13:08 /usr/lib/openoffice/program/soffice
-rwsr-xr-x 1 root root 4840 2007-02-13 18:06 /usr/lib/openoffice/program/soffice.bin
-rwxr-xr-x 1 root root 347648 2007-04-11 10:57 /usr/lib/openoffice/program/soffice.bin.bin
-rw-r--r-- 1 root root 435 2007-04-11 13:09 /usr/lib/openoffice/program/sofficerc

dpkg -S /usr/lib/openoffice/program/soffice.bin.bin
dpkg: /usr/lib/openoffice/program/soffice.bin.bin not found.

dpkg -S /usr/lib/openoffice/program/soffice.bin
openoffice.org-core: /usr/lib/openoffice/program/soffice.bin

Whether that means soffice.bin.bin was then installed during a script in post-execution, or in one of my other packages, I am not sure... I will have a look around. But either way, how is it getting root privileges?

Kind Regards,
Matthew

AND:

Hmmm - this is strange.

themadhatter@themadhatter-laptop:/usr/lib/openoffice/program$ ./soffice.bin
Launching a SCIM daemon with Socket FrontEnd...
Loading simple Config module ...
Creating backend ...
Loading socket FrontEnd module ...
Starting SCIM as daemon ...
GTK Panel of SCIM 1.4.4

So far that is what we would expect... but a ps check yields:
root 7562 5.2 4.1 128448 42604 pts/0 Sl+ 09:34 0:00 /usr/lib/openoffice/program/soffice.bin.bin

If however, I run directly:
themadhatter@themadhatter-laptop:/usr/lib/openoffice/program$ ./soffice.bin.bin
1000 8944 8.0 4.9 167324 50460 pts/1 Sl+ 09:38 0:01 /usr/lib/openoffice/program/soffice.bin.bin

Also, I cannot find the package that contributed this soffice.bin.bin . Apart from the standard channels (ubuntu repositories), I have only installed:
- VirtualBox 1.3.8 (official deb from website)
- monotone 0.34 (also from official website)

I have also manually compiled:
- Pidgin
- Avant Window Navigator
- Affinity
These three I have sent explicitly to /usr/local .

Insofar as I can see, none of these packages are responsible.

Kind Regards,
Matthew

Martin Pitt (pitti) wrote : Re: [Bug 110724] Re: OpenOffice runs as root for all users

hi,

Matthew Wardrop [2007-05-06 2:05 -0000]:
> -rwsr-xr-x 1 root root 4840 2007-02-13 18:06 /usr/lib/openoffice/program/soffice.bin

So that's the culprit. It should absolutely not be installed setuid
root.

Matthew Wardrop (mister.wardrop) wrote : Re: OpenOffice runs as root for all users

Wow... such a simple thing.

I have fixed it locally, and am happy.

But how did it get like that?

Kind Regards,
Matthew

Martin Pitt (pitti) wrote : Re: [Bug 110724] Re: OpenOffice runs as root for all users

Hi,

Matthew Wardrop [2007-05-06 11:51 -0000]:
> Wow... such a simple thing.
>
> I have fixed it locally, and am happy.
>
> But how did it get like that?

I don't have any idea. It is not shipped like that, and it's certainly
not here. Can you please check if it is still setuid root after

  sudo apt-get install --reinstall openoffice.org-core

? If it is, what do

  dpkg -l openoffice.org-core

and

  dpkg-statoverride --list

show?

Nicolas Dietrich (nicodietrich) wrote : Re: OpenOffice runs as root for all users

Hi Matthew and all,
I experienced the same problem here and found out where this came from:

The culprit was the stupid Samsung SCX-4200 (printer+scanner) installer, which does a lot of ugly things (renaming the soffice.bin file to soffice.bin.bin and making the original file a wrapper which then calls soffice.bin.bin setuid root). Doing such things is completely irresponsible! I'll write an email to Samsung soon and encourage everyone experiencing this problem to do so.

Cheers,
Nico

Matthew Wardrop (mister.wardrop) wrote :

Whoops - I forgot to mention that... But wow... I will certainly let Samsung know of my displeasure.

Kind Regards,
Matthew

Wicher (wicher) wrote :

Same story here!
I came here to report the setuid root soffice.bin. Lo and behold: the Samsung installer has been run.
The Samsung installer made soffice.bin setuid root. That's outrageous.
I'll see if I can contact Samsung QA about this.
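
The checks used in this thread (ls -l for the setuid bit, dpkg -S for package ownership, dpkg-statoverride --list for admin overrides) can be combined into one audit. The script below is an added example, not part of the original bug report or of any project's code; its function names and status labels are its own, and it assumes a dpkg-based system and an absolute directory path.

```shell
#!/bin/sh
# Added example, not from the bug report. Function names and status labels
# are this example's own. Pass DIR as an absolute path on a dpkg-based system.

# Print every regular file under DIR with the setuid or setgid bit set.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Print "MODE OWNER STATUS PATH" for one file.
classify() {
    f=$1
    set -- $(ls -ld -- "$f" | awk '{print $1, $3}')   # mode string, owner
    if ! command -v dpkg >/dev/null 2>&1; then
        status=dpkg-unavailable
    elif ! pkg=$(dpkg -S "$f" 2>/dev/null); then
        status=unpackaged               # as soffice.bin.bin was in the report
    elif dpkg-statoverride --list "$f" >/dev/null 2>&1; then
        status=packaged,admin-override  # mode recorded via dpkg-statoverride
    elif dpkg --verify "${pkg%%:*}" 2>/dev/null |
         awk -v p="$f" '$NF == p { hit = 1 } END { exit !hit }'; then
        status=packaged,content-modified  # differs from the packaged checksum
    else
        status=packaged
    fi
    printf '%s %s %s %s\n' "$1" "$2" "$status" "$f"
}

# Classify each set-id file under DIR, and note a "FILE.bin" sibling that no
# package owns: the rename-and-wrap layout described in this thread.
audit_dir() {
    list_setid "$1" | while IFS= read -r f; do
        classify "$f"
        if [ -e "$f.bin" ] && command -v dpkg >/dev/null 2>&1 &&
           ! dpkg -S "$f.bin" >/dev/null 2>&1; then
            printf 'NOTE unpackaged sibling %s\n' "$f.bin"
        fi
    done
}

if [ "$#" -gt 0 ]; then audit_dir "$1"; fi
```

Run as `sh audit.sh /usr/lib/openoffice/program` (the script file name is arbitrary). A setuid file that is reported as content-modified, or that sits next to an unpackaged sibling, matches the layout found in this report.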

This report contains Public Security information  
Everyone can see this security related information.
