Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 324745 - sys-boot/unetbootin - Started via Alt+F2, unetbootin tries to run as root
Summary: sys-boot/unetbootin - Started via Alt+F2, unetbootin tries to run as root
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
URL: https://github.com/unetbootin/unetboo...
Whiteboard:
Keywords: NeedPatch
Depends on:
Blocks:
 
Reported: 2010-06-19 22:07 UTC by lxg
Modified: 2022-02-11 00:21 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description lxg 2010-06-19 22:07:28 UTC
When starting unetbootin as normal user in KDE via Alt+F2, the program requests higher privileges through kdesu.

This does not happen when starting it from the shell. I assume this is due to the fact that from the shell, it will run /usr/bin/unetbootin, while KDE will use /usr/share/applications/unetbootin.desktop.


I do however not see a reason why this tool should run as root.
- Everything it does can as well be accomplished with a normal user's privileges.
- For a tool that goes online, you should think twice before you give it superuser rights.


Reproducible: Always

Steps to Reproduce:




Portage 2.1.8.3 (default/linux/amd64/10.0/desktop, gcc-4.4.4, glibc-2.11.2-r0, 2.6.34-gentoo-r1 x86_64)
=================================================================
System uname: Linux-2.6.34-gentoo-r1-x86_64-Intel-R-_Core-TM-_i7_CPU_960_@_3.20GHz-with-gentoo-2.0.1
Timestamp of tree: Sat, 19 Jun 2010 08:15:02 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.1_p7
dev-java/java-config: 2.1.11
dev-lang/python:     2.6.5-r2, 3.1.2-r3
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.1-r1
sys-apps/sandbox:    2.2
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.3.4, 4.4.4-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
virtual/os-headers:  2.6.34
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=core2 -msse4 -mcx16 -msahf -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=core2 -msse4 -mcx16 -msahf -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests ccache distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://mirror.netcologne.de/gentoo/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi aiglx alsa amd64 arts avi bash-completion berkdb bluetooth branding bzip2 cairo cdr cli consolekit cracklib crypt cups cxx dbus dri dri2 dts dv dvb dvd dvdr dvdread emboss encode exif fam fame ffmpeg firefox flac foomaticdb fortran gdbm gif gpm gtk gtk2 hal iconv imlib ipv6 jpeg kde lcms libnotify mad matroska mikmod mmx mng modules mp3 mp4 mpeg mudflap multilib ncurses nls nptl nptlonly ogg opengl openmp pam pango pcre pdf perl png ppds pppd python qt qt3support qt4 readline reflection sdl session spell spl sse sse2 ssl subversion svg sysfs tcpd theora tiff truetype unicode usb userlocales v4l2 vlm vorbis vpx win64codecs x264 xcb xinerama xml xorg xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeonhd radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2010-06-24 04:46:59 UTC
It needs root to have write access to the raw device through syslinux.

Also, giving it root doesn't imply it goes online without dropping privileges in the thread that does the downloading, but you may be right - I haven't audited the code either.
Comment 2 Jonas Stein gentoo-dev 2022-02-11 00:21:32 UTC
this needs to be fixed upstream, where you find the according ticket already.