If that is the only way, then the software is bad, and needs to be fixed or replaced.
I do not want an insecure system and potentially exploitable system because of a setup with badly isolated processes and crappy software that requires superuser privileges. X.org can be fixed so it wont need to run as root, using kernel mode setting (KMS). OpenBSD is interested in this. http://www.phoronix.com/scan.php?page=news_item&px=NzM2MA I don't understand why a network daemon (winbindd from samba) needs root. That is absolutely stupid, and just begging to get hacked. It cant be much different from a HTTP or FTP server, and running that as root would be stupid. In dhcp3 there was recently discovered several security vulnerabilities. How convenient that it runs as root. http://www.debian.org/security/2009/dsa-1833 ** Description changed: - Binary package hint: cups - Software runs as root. This is bad, it should not run as a superuser, it is dangerous in terms of system security. This is unsafe. It should safely run as a non-privileged user. Following the principle of least privilege. http://en.wikipedia.org/wiki/Principle_of_least_privilege ** Changed in: xorg-server (Ubuntu) Status: Invalid => Confirmed -- Software runs as root https://bugs.launchpad.net/bugs/401107 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
