208600 – app-office/openoffice Attempts to Access /home/rodo & /home/sragavan

Bug 208600 - app-office/openoffice Attempts to Access /home/rodo & /home/sragavan

Summary: app-office/openoffice Attempts to Access /home/rodo & /home/sragavan

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High minor
Assignee:	Gentoo Office Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-02-02 17:12 UTC by Steven Elling
Modified:	2008-03-24 15:03 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Steven Elling 2008-02-02 17:12:43 UTC

First off some background.

I have a central server with NFS running, which makes user home directories among other directories available to client machines via Automount + NFS. Logwatch is running on the server and I get mailed reports daily.

In the Logwatch reports, I will see the following every once in a while:

--------------------- Mountd Begin ------------------------

Attemts to mount nonexisting files or directories:
/home/rodo:260 Time(s)
/home/sragavan:10 Time(s)

---------------------- Mountd End -------------------------

When I first saw this I thought someone had either broken into the server or was attempting to but the logs, chkrootkit, qcheck and qfile did not support this.

I also recursively searched through /usr/portage to possibly identify an ebuild that referenced those two home directories but did not find any.

At this point, I just discounted the mount attempts as some anomaly in Gentoo.
-----

After seeing the mount errors again today, I decided to search Google for those two home directories and the common denominator between the two is paths with 'ooo-build' in them.

I unpacked the latest Openoffice sources (2.3.1) and did a recursive grep on then for rodo and sragavan and found several matching files.

While I now know where the mount errors are coming from, I believe this needs to be fixed.

While this bug report can have a severity of 'minor' because *we know* the source of the errors, I believe this is a security related matter to Gentoo users that care about the security of their systems and this bug report should have a severity of 'major' or 'critical' because false positives are just as important as true positives.

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2008-02-02 17:39:11 UTC

Please submit such stuff upstream, we won't fix this.

Comment 2 Steven Elling 2008-02-08 20:09:58 UTC

So what your saying is you will not work with upstream or, for that matter, even report it upstream like other developers do?

Comment 3 Andreas Proschofsky (RETIRED) gentoo-dev

2008-03-02 23:03:17 UTC

(In reply to comment #2)
> So what your saying is you will not work with upstream or, for that matter,
> even report it upstream like other developers do?
> 

This seems to have gone the wrong way here, sorry. Also sorry, that I respond that late...

Sure we work with upstream, and also sure

Anyway: This sounds like a simple oversight by some Novell-developers (rodo an sragavan are working for Novell on OOo). Please report this upstream, also give them the ooo-build-release-version you built your OOo with (this info is found in the about-screen)

thanks for reporting this

Comment 4 Andreas Proschofsky (RETIRED) gentoo-dev

2008-03-24 15:03:27 UTC

Advice given, no reaction, bug closed