Clicking webpage links in UNetbootin starts Firefox with root privileges
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| UNetbootin |
Confirmed
|
Undecided
|
Unassigned | ||
| unetbootin (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: unetbootin
I am running Ubuntu 9.10 i386
The installed package version of unetbootin is "356-1"
The installed package version of unetbootin-
In unetbootin, if I click any of the webpage links, Firefox is launched with root privileges. Running a web browser as the root user can be a security risk.
To reproduce this bug:
(Assuming Firefox is set as your default web browser)
1. Launch unetbootin then click any of the webpage links. (this should start Firefox)
2. In the Gnome System Monitor, switch to the process tab and select All Processes from the View menu.
3. Go to Edit > Preferences and under Information Fields check the "User" box.
4. In the list of running processes you should see an instance of Firefox with the user column saying root.
| description: | updated |
| summary: |
- Clicking homepage link in UNetbootin opens page in Firefox as root + Clicking webpage links in UNetbootin starts Firefox with root privileges |
| Mörgæs (moergaes) wrote | #1 |
| Changed in unetbootin (Ubuntu): | |
| status: | New → Confirmed |
| Changed in unetbootin: | |
| status: | New → Confirmed |
| dsfgsdfg (dsfgsdfg) wrote | #2 |
The bug still exists in version 575 using daily build of Lubuntu 13.04 in a live boot.
Received the message "Chromium can not be run as root. Please start Chromium as a normal user. To run as root, you must specify an alternate --user-data-dir for storage of profile information."