421043 – gdm run as root user

Bug 421043 - gdm run as root user

Summary: gdm run as root user

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] GNOME (show other bugs)
Hardware:	AMD64 Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Linux Gnome Desktop Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-06-14 00:33 UTC by Jens Kasten
Modified:	2012-07-07 13:13 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
emerge --info (info,4.90 KB, text/plain) 2012-06-14 00:33 UTC, Jens Kasten	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jens Kasten 2012-06-14 00:33:17 UTC

Created attachment 315239 [details]
emerge --info

I test this on my hardened workstation with gnome.

I got the follow log:
request WRITE, pid 3931, ppid 3930, prog_name gdm, prog_file /usr/sbin/gdm-binary, uid 0, target_type FILE, tid Device 254:02 Inode 16 Path /home/users/jens/.xsession-errors, attr none, value none, result NOT_GRANTED by ACL

Then I look in the gdm ebuild and found this:
    enewgroup gdm
    enewuser gdm -1 -1 /var/lib/gdm gdm

While the gdm is installed its add a new user gdm.
So I suppose that the gdm is running with that user but is not.

root      3930  0.0  0.1 167092 10436 ?        Ss   Jun13   0:00 /usr/bin/gdm

Comment 1 Pacho Ramos gentoo-dev

2012-07-07 13:13:14 UTC

Explained at:
http://projects.gnome.org/gdm/docs/2.14/security.html#gdmuser