Only runs as root, but should run as nonpriv user

Bug #1415422 reported by Alexis on 2015-01-28
Affects: p910nd (Ubuntu)

Bug Description

As packaged, this daemon runs as root. There is no reason for this - all it needs is access to printer devices, a pidfile, and a lockfile. Instead, it should run as user "lp", which will give it access to the printer devices. As for the pidfile and lockfile, they are easily handled in the init.d script (though a one-line patch to the source could improve things minimally by removing the need to pre-touch the pidfile). I've attached a patch that does this, also allowing the user to choose a different user (even root) in /etc/default/p910nd.

The man page could stand some customization but it's no worse with the patch than without.

Since this involves a daemon that takes input from the network and that runs as root (until my patch), I'm marking this as a security vulnerability. Apologies in advance if that's the wrong choice - this is my first Ubuntu submission.

This patch also includes a drive-by fix of a tiny bug: the pidfile always has the same name. It shouldn't, as by design this daemon can run multiple times, once per printer, and the pidfile name is supposed to reflect the printer instance.

This is for version 0.95-1 in 14.04.1; porting up to the current version should be trivial, if not a clean patch.

Behavior is changed (daemon no longer runs as root) but this should be invisible to users. If you want to leave behavior as-is (which I think is a bad idea) then you can just change the default user back to root in /etc/default/p910nd, which will let those who want to run as lp do so by editing that file.
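
The approach described in the report above, as an added shell example; it is not the attached patch or the package's own init script. The variable names, the p910<N>d file-name pattern, the daemon path and the argument order passed to the daemon are assumptions.

```shell
#!/bin/sh
# Added example, not the reporter's patch. Assumed: variable names, the
# p910<N>d file names, the daemon path and its argument order.
RUN_AS="${RUN_AS:-lp}"                 # unprivileged account with printer access
RUN_DIR="${RUN_DIR:-/var/run}"
LOCK_DIR="${LOCK_DIR:-/var/lock}"
DAEMON="${DAEMON:-/usr/sbin/p910nd}"

# One pidfile and lockfile per printer instance, so instances do not collide.
pidfile_for()  { printf '%s/p910%sd.pid\n' "$RUN_DIR" "$1"; }
lockfile_for() { printf '%s/p910%sd\n' "$LOCK_DIR" "$1"; }

# Accept only a single-digit instance; anything else never reaches a path.
valid_instance() {
    case "$1" in
        [0-9]) return 0 ;;
        *)     return 1 ;;
    esac
}

# Pre-create the state files while still root and hand them to RUN_AS, so the
# daemon needs no write access to RUN_DIR or LOCK_DIR themselves.
prepare_state_files() {
    valid_instance "$1" || { echo "bad instance: $1" >&2; return 2; }
    id "$RUN_AS" >/dev/null 2>&1 || { echo "no such user: $RUN_AS" >&2; return 3; }
    for f in "$(pidfile_for "$1")" "$(lockfile_for "$1")"; do
        # Refuse symlinks: root would otherwise truncate and chown the target.
        if [ -L "$f" ]; then echo "refusing symlink: $f" >&2; return 4; fi
        : > "$f" || return 5
        chmod 0644 "$f" || return 5
        # Ownership can only be handed over when the script runs as root.
        if [ "$(id -u)" -eq 0 ]; then chown -h "$RUN_AS" "$f" || return 5; fi
    done
}

# Start one instance with privileges dropped before the daemon is executed.
# Usage: start_instance N [daemon options...]
start_instance() {
    prepare_state_files "$1" || return
    n=$1; shift
    start-stop-daemon --start --quiet --chuid "$RUN_AS" \
        --pidfile "$(pidfile_for "$n")" --exec "$DAEMON" -- "$@" "$n"
}
```
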

Alexis (k-alexis) wrote :
information type: Private Security → Public Security

The attachment "patch to /etc/init.d/p910nd to run as user lp (or other nonroot)" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Changed in p910nd (Ubuntu):
status: New → Confirmed