Bugzilla – Bug 154351
/sbin/yast2 online_update starts firefox as root
Last modified: 2006-11-01 09:52:02 UTC
Firefox is running as root when using the "online update" link from within the YaST control center. I think that's bad because most users will just leave the window open and use it for browsing the web. Is it neccessary to have the browser frontend running as root?
This must not happen. (This is unrelated to the register issue which uses FF too.) What is so difficult in writing a YAST Module which speaks SOAP to zmd server?
This is known and it was agreed that the browser should run with least privileges.
As I understand this, it is about the online_update module not about the suse_register one. suse_register is not part of the current beta, so he couldn't have encountered a bug in it :)
You understand it correctly, that's why it is for me :-)
I'm not sure how to handle this: 1. the process is started by root (as yast is running under root) 2. that it changes it's UID to UID of webupdater user - this works fine for webrick, but firefox than hasn't rights to X server. How should I give it such rights only for this session?
"If /usr/sbin/web-updater-starter is running as a root (and if USERNAME env.variable relly points to the user actually ownning the X server rights) it could start firefox via 'sux #{ENV['USERNAME']} -c firefox' " Marcus, is this solution correct? (comment taken from bug #154948)
Please check also this one, I don't know if the solution with USERNAME is correct.
later
reopening web-updater related bugs
We have no web-updater, closing as irrelevant.