Project

General

Profile

Bug #1896

Trying to suid to 1

Added by Bodo Eggert almost 11 years ago. Updated almost 11 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
2013-12-27
Due date:
% Done:

0%

Estimated time:
Found in version:
3.9.252
Affected Versions:

Description

When started from a user account as a daemon (-f), tvheadend tries to setuid(1) and - off cause - fails. Suppying -f -u "$UID" does not change that.

Using the daemon UID usually is the wrong choice, because if two daemons use the same UID, there is no privilege separation. An attacker will be able to take over all services if he cracks one.

History

#1

Updated by Adam Sutton almost 11 years ago

  • Status changed from New to Rejected

This is not a bug, the use of "daemon:1" is a fallback for if the user fails to provide a valid username. If you use the standard TVH packages, then this will be the hts user, generated during installation of the package.

Adam

Also available in: Atom PDF