Search Communities:
Up to Discussions in Client Assistance

This Question is Answered

1 "helpful" answer available (2 pts)
6 Replies Last post: Dec 11, 2007 11:38 AM by latency

why CNR don't need a su password running on ubuntu?

Dec 5, 2007 6:40 AM

Click to view inuxor's profile inuxor 2 posts since
Dec 5, 2007

i am a years user of ubuntu and an hours user of CNR from China, and my question is why CNR do not call me for a root password when i installing a player (banshee) with it ?

yet, it run well. but safe so?

Click to view Daniel Paquet's profile Daniel Paquet 7 posts since
Dec 5, 2007
1. Re: why CNR don't need a su password running on ubuntu? Dec 5, 2007 9:58 AM
Does it has root sticky bit set? I dont have CNR client as im on Debian, but you may want to look if the sticky bit is there.
Click to view BigDawg's profile BigDawg 64 posts since
Nov 27, 2007
2. Re: why CNR don't need a su password running on ubuntu? Dec 5, 2007 3:02 PM

The setuid bit is turned on so that the CNR client runs as affectively root. This is done so that any user can install/unisntall/update software on a machine. We thought these activities are useful enough to warrant the use of setuid.

To quote the setuid folks, "In some cases these privileges are insufficient to do useful things, for example if the user had the ability to write to the /etc/passwd file they could alter or remove all users passwords - but without access to it they cannot change their own password!"

Click to view inuxor's profile inuxor 2 posts since
Dec 5, 2007
3. Re: why CNR don't need a su password running on ubuntu? Dec 5, 2007 10:37 PM
understand , thank you , and i will take the news to ubuntu users i know!http://community.cnr.com/images/emoticons/grin.gif!
Click to view t_rick.geo's profile t_rick.geo 5 posts since
Dec 8, 2007
4. Re: why CNR don't need a su password running on ubuntu? Dec 8, 2007 7:10 AM
in response to: inuxor
I really think that there should be an option to prevent the CNR client from running as root. I am a stickler for security and control and really do not want applications running as root unless I specify.
Click to view BigDawg's profile BigDawg 64 posts since
Nov 27, 2007
5. Re: why CNR don't need a su password running on ubuntu? Dec 8, 2007 10:13 AM
in response to: t_rick.geo
We will add that to the project wish list. I agree that it would be nice.
Click to view latency's profile latency 4 posts since
Dec 11, 2007
6. Re: why CNR don't need a su password running on ubuntu? Dec 11, 2007 11:38 AM
in response to: t_rick.geo
The CNR Client does not actually run as root. It starts as root, but immediately drops privilages down to the user that started the client. For nearly all of the client's operation in runs as a normal user application. It is only when it needs to do something where it must be root like running dpkg -i <package> that it elevates it's privilages. And of course once the root action is done it removes privilages again. Although it is not as safe as a user application this is much safer than an application that really runs as root.

Actions

More Like This