511906 – app-crypt/heimdal - daemons should not run as root by default

Bug 511906 - app-crypt/heimdal - daemons should not run as root by default

Summary: app-crypt/heimdal - daemons should not run as root by default

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Kerberos Maintainers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-05-30 22:33 UTC by Francisco Blas Izquierdo Riera
Modified:	2016-09-05 05:43 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Francisco Blas Izquierdo Riera (RETIRED) gentoo-dev

2014-05-30 22:33:31 UTC

It's considered really bad practice running a daemon with more privileges than the needed ones. Heimdal's daemons shouldn't at least when capabilities are available run as root.

Reproducible: Always

Steps to Reproduce:
1. USE="caps" emerge heimdal
2. ls -ld /var/heimdal (or similar)

Actual Results:  
drwxr-xr-x 1 root root 50 30 maj 21.14 /var/heimdal/

Expected Results:  
drwxr-x--- 1 heimdal heimdal 50 30 maj 21.14 /var/heimdal/

Just an example the init.d files also need being changed.