Directory package-data-downloads/partial should belong to user _apt
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
update-notifier (Ubuntu) | New | Undecided | Unassigned |
Bug Description
For several versions now, apt has introduced a system user named _apt. When downloading files, it tries to switch to this user in order to limit the attack surface; downloading files as root is quite simply dangerous. If the user _apt cannot write to the target directory, then apt remains root, does the download just fine, but prints an ominous warning.
Package update-notifier has such a directory, used to handle package data downloads (Flash, Microsoft Core Fonts, etc.). Currently, the ominous warning is printed every time those files are downloaded using command-line apt or aptitude. (Which in the case of Flash, is quite often.)
Doing a chmod _apt /var/lib/
Ubuntu release: 16.04
Source package: update-notifier
Package version: 3.168.5
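
The following is an added example, not part of the bug report or of apt: a shell function that predicts from a directory's owner, group and mode bits whether an unprivileged user such as _apt could create files in it. It assumes GNU `stat`, takes the directory path as an argument (the report's own path is truncated, so none is hard-coded), and ignores parent directories, ACLs and mount options.

```shell
#!/bin/sh
# Added example (not apt's own logic): a mode-bit approximation of
# "can this unprivileged user create files in this directory?".
# Assumptions: GNU stat; parent directories, ACLs and mount options
# are not examined; the user is not root.

# can_write_dir DIR USER
# returns 0 = writable, 1 = not writable, 2 = no such directory or user
can_write_dir() {
    dir=$1
    user=$2
    [ -d "$dir" ] || return 2
    id -u "$user" >/dev/null 2>&1 || return 2

    # Owner name, group name and octal mode, e.g. "root root 755".
    set -- $(stat -c '%U %G %a' "$dir")
    [ $# -eq 3 ] || return 2
    owner=$1
    group=$2
    m=$((0$3))          # leading 0 makes the shell read the mode as octal

    # POSIX picks exactly one permission class: owner, else group, else other.
    # Creating a file needs both write and search (w+x) on the directory.
    if [ "$user" = "$owner" ]; then
        need=$((0300))
    elif id -Gn "$user" | tr ' ' '\n' | grep -qxF -- "$group"; then
        need=$((0030))
    else
        need=$((0003))
    fi
    [ $((m & need)) -eq "$need" ]
}

# Stand-alone use: ./script DIR USER   (for the report's case, USER is _apt)
if [ $# -eq 2 ]; then
    if can_write_dir "$1" "$2"; then
        echo "$2 can write to $1"
    else
        echo "$2 cannot write to $1 (or directory/user not found)"
    fi
fi
```
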