quasselcore does not connect to database at boot

Bug #612729 reported by Alvin
This bug affects 2 people
Affects Status Importance Assigned to Milestone
quassel (Ubuntu)

Bug Description

Binary package hint: quassel

At boot, quasselcore does not connect to a postgresql server (a separate server, I didn't try localhost).
My guess is that quasselcore tries to start before the network is up.

After a reboot of the server, this will leave the core in a blank state. Anyone can connect. The first user that does will become administrator and can then configure a database, or connect to one, so I'm marking this as a security bug. It remains to be seen how bad a stolen IRC client is, but if you have multiple users, the chance that this happens is high.

Workaround: restart the quasselcore after boot before anyone can connect.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: quassel-core 0.6.1-0ubuntu1
ProcVersionSignature: Ubuntu 2.6.32-24.38-server
Uname: Linux 2.6.32-24-server x86_64
Architecture: amd64
Date: Mon Aug 2 22:20:34 2010
 PATH=(custom, user)
SourcePackage: quassel

Revision history for this message
Alvin (alvind) wrote :
visibility: private → public
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

security vulnerability: yes → no
Revision history for this message
Scott Kitterman (kitterman) wrote :

I'm not sure how we could best solve this. The default configuration is a local sqlite database, so having it wait on the network to start generally would slow things down.

Changed in quassel (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for quassel (Ubuntu) because there has been no activity for 60 days.]

Changed in quassel (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers