Bug 89746 - net-p2p/azureus{-bin}: user can tap in root session
Summary: net-p2p/azureus{-bin}: user can tap in root session
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Default Configs
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
Whiteboard: [noglsa] jaervosz
Reported: 2005-04-19 21:35 UTC by Chad Granum
Modified: 2008-11-29 02:18 UTC
Description Chad Granum 2005-04-19 21:35:17 UTC
I ran azureus as root in order to install the updates. I then closed it (forgetting it backgrounds rather than terminating). I then opened it as a user. I first thought my settings had been reset, so I configured it again. I then downloaded a few torrents; when I went to fetch the downloaded files they were nowhere to be found. I then checked the terminal I started azureus in; it said it tapped into a pre-existing session, so I looked and sure enough the downloads were in the /root directory. I opened azureus as a user and could use it to write to the root directory. I do not know exactly how to exploit this with the java-vm, but if you can tap in to it as a user I am sure you could load a custom java program with azureus session code to gain root access. Sounds like a major bug to me.

Reproducible: Always
Steps to Reproduce:
1. load azureus as root
2. close azureus with the close button
3. load azureus as another user and it taps into the root session

Actual Results:  
exodist@Abydos-64 exodist $ azureus 
Attempting to start Azureus...
StartSocket: passing startup args to already-running Azureus java process.
An azureus window popped up, but it was with full root and not the user privileges.

Expected Results:  
prevented me from gaining root access in almost any way, but not give it to me.
Perhaps block it from starting or start a new process.


Abydos-64 exodist # emerge info
Portage 2.0.51.19 (default-linux/amd64/2004.3, gcc-3.4.3,
glibc-2.3.4.20041102-r1, 2.6.11-gentoo-r6-Exodist x86_64)
=================================================================
System uname: 2.6.11-gentoo-r6-Exodist x86_64 AMD Athlon(tm) 64 Processor 3500+
Gentoo Base System version 1.4.16
Python:              dev-lang/python-2.3.4-r1 [2.3.4 (#1, Mar 24 2005, 22:17:54)]
dev-lang/python:     2.3.4-r1
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.4
sys-devel/binutils:  2.15.92.0.2-r7
sys-devel/libtool:   1.5.14
virtual/os-headers:  2.6.8.1-r4
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=athlon64 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env
/usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config
/usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config
/var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=athlon64 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org
http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="amd64 X aalib acpi alsa berkdb bitmap-fonts cdr crypt cups curl directfb
dvd dvdr esd fam flac font-server fortran gif gimp-print gpm gstreamer gtk
imagemagick imlib ipv6 java jp2 jpeg junit lzw lzw-tiff mad mozilla mp3 ncurses
nls nvidia ogg opengl oss pam pcre perl png python qt readline samba sdl spell
ssl tcpd tiff truetype truetype-fonts type1-fonts usb userlocales vorbis
xinerama xml xml2 xmms xpm xrandr xv zlib"
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2005-04-20 00:21:53 UTC
> I ran azureus as root in order to install the updates.

First of all I do not understand why you should run this as root to install updates. You should emerge a new version (if it's in portage), right? With that in mind, running a P2P application as root is a really dumb(tm) idea.

Assigning to security to share some brilliant ideas anyway. :p
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-04-20 01:13:01 UTC
Auditors, please debunk this one...
Comment 4 Chad Granum 2005-04-20 06:44:38 UTC
When you start azureus and updates are available it will harass you constantly to install the updates and it is really annoying, but portage is not always up to the latest version of azureus; the only way to avoid the pain is to run it as root and install the update (it will not install as a user).
Comment 5 bdonlan 2005-04-29 20:59:14 UTC
How did you get the root shell? If the environment was not reset $HOME could be pointing to the user home directory, thus confusing azureus
Comment 6 Chad Granum 2005-04-29 22:25:45 UTC
As the user I did a su root.
I then opened azureus as root and let it download/install the updates.
After it was done I closed it and typed exit to leave the root session.
Back in regular user mode I opened azureus again and it was a root session, as though the other one never truly closed and the user-mode execution just opened the window back up.
Comment 7 Tobias Minich 2005-05-04 07:03:49 UTC
There is no easy way around this. Azureus implements inter-process communication (e.g. allows you to add torrents to an already running instance via the commandline) via a simple TCP protocol; it is simply not designed for a multi-user environment.
Currently you simply should not run azureus as root and update via portage (you can easily turn off the update nagging in the options and I'm even surprised that updating via Azureus even works...).
Problem should be filed under PEBKAC ;-)
Comment 8 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-04 09:00:14 UTC
Sejo please include a proper ewarn in the ebuild.
Comment 9 Jochen Maes (RETIRED) gentoo-dev 2005-05-12 00:02:52 UTC
jaervosz i'm on it
Comment 10 Jochen Maes (RETIRED) gentoo-dev 2005-05-12 00:08:04 UTC
ewarn added to azureus

so should be closed as cantfix
Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-12 07:04:10 UTC
Thx Sejo.
Comment 12 Johannes Buchner 2008-11-29 02:18:52 UTC
I think there is a misunderstanding here I'd like to address although the bug is already marked as RESOLVED CANTFIX and PEBKAC was identified as the cause.

From the description and posts it sounds like the first azureus is running and then the second azureus is connecting to the first azureus program (over some TCP) and providing an interface for it.

However, the following is the case IMO: The second azureus checks if an instance is running (in this login session). Since this is the case, it sends a signal to it and terminates. It signals the first session to show itself to the user.
The same is true for most programs (like gedit, for example). If a process is found, it is brought to foreground.
The issue is that the second azureus checks if there is *any* instance running in this login session, and not whether it is run under the same user.

As said before, it is neither a problem nor a security risk or anything. Resolution is fine. Thanks for reading ;-)
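
Comments 7 and 12 both describe a running instance that accepts startup arguments from any local process, whichever user started it. As an added example (not Azureus code and not from any commenter on this bug), one way to bind a single-instance handoff to the launching user is a per-user token file; the file name, message format and function names are assumptions.

```python
import hmac, json, os, secrets, stat

TOKEN_NAME = "handoff.token"  # hypothetical file name

def create_token(state_dir):
    """Running instance: store a random token only the owning user can read."""
    os.makedirs(state_dir, mode=0o700, exist_ok=True)
    path = os.path.join(state_dir, TOKEN_NAME)
    token = secrets.token_hex(32)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.fchmod(fd, 0o600)  # enforce the mode even if the file already existed
    with os.fdopen(fd, "w") as fh:
        fh.write(token)
    return path, token

def load_token(path):
    """Launcher: refuse a token file owned by another user or open to others."""
    st = os.stat(path)
    if st.st_uid != os.getuid() or stat.S_IMODE(st.st_mode) & 0o077:
        raise PermissionError(f"unsafe token file: {path}")
    with open(path) as fh:
        return fh.read().strip()

def build_request(token, args):
    """Launcher: one JSON line carrying the token and the startup arguments."""
    return json.dumps({"token": token, "args": list(args)}).encode() + b"\n"

def handle_handoff(conn, token):
    """Running instance: return the args if the token matches, else None."""
    with conn, conn.makefile("rb") as reader:
        try:
            msg = json.loads(reader.readline(65536))
            presented = str(msg["token"]).encode()
            args = [str(a) for a in msg["args"]]
        except (ValueError, KeyError, TypeError):
            presented, args = b"", None
        if args is None or not hmac.compare_digest(presented, token.encode()):
            conn.sendall(b"DENIED\n")
            return None
        conn.sendall(b"OK\n")
        return args
```

A launcher that cannot read or validate the token file would start its own process instead of passing its arguments to the instance that is already running.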