Actions
Bug #1896
closed
Trying to suid to 1
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
2013-12-27
Due date:
% Done:
0%
Estimated time:
Found in version:
3.9.252
Affected Versions:
Description
When started from a user account as a daemon (-f), tvheadend tries to setuid(1) and - off cause - fails. Suppying -f -u "$UID" does not change that.
Using the daemon UID usually is the wrong choice, because if two daemons use the same UID, there is no privilege separation. An attacker will be able to take over all services if he cracks one.
Updated by Adam Sutton over 11 years ago
- Status changed from New to Rejected
This is not a bug, the use of "daemon:1" is a fallback for if the user fails to provide a valid username. If you use the standard TVH packages, then this will be the hts user, generated during installation of the package.
Adam
Actions