Ubuntu
android package

phablet user in android_net group

Bug #1240214 reported by Jamie Strandboge
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
android (Ubuntu)
New
Undecided
Unassigned

Bug Description

The phablet user is in several android_net* groups:
  /etc/group:android_net:x:3003:phablet
  /etc/group:android_net2:x:3004:phablet
  /etc/group:android_net3:x:3002:phablet

ubuntu-system image #97 has the following:
/var/lib/lxc/android/rootfs/system/bin/netcfg -rwxr-s--- root android_net

Looking at system/core/netcfg/netcfg.c from the 'android' source package, netcfg can be used to bring network interfaces up and down. It is not clear why the phablet user would need this access when the phablet user can use network-manager. This isn't currently a security issue because the phablet user is able to user network-manager to bring up and down interfaces already, so no privilege boundary is crossed. However, on a multiuser system when the system is configured to restrict network configuration for a user, this may become a problem. Regardless, the hidden additional access seems superfluous.

Can someone remove the phablet user from the android_net* groups or justify why this is needed?

Thanks!

Jamie Strandboge (jdstrand)
Changed in touch-preview-images:
assignee: nobody → Ricardo Salveti (rsalveti)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Any information on this?

Bill Filler (bfiller)
no longer affects: touch-preview-images
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.