***Warning: I detected insecure system behavior with this bug.***
Same thing happened to me. Installed gadmin-proftpd via Synaptic.
Thought I was installing a client. Realized my mistake and clicked
cancel when asked to choose between standalone and inetd. Install
failed after box popped up again multiple times.
Synaptic, however, reported it as installed. So, I uninstalled through
Synaptic. Looked at the details during the uninstall and it turned out
that instead of uninstalling, it finished the install and started the
server! But Synaptic now shows package as uninstalled!
I had to reinstall, and then uninstall again to actually uninstall it.
Because the server was started potentially without user knowledge or
permission, this is a definite system security issue.
uname -a: Linux xxx 2.6.31-18-generic #55-Ubuntu SMP Fri Jan 8 14:54:52
UTC 2010 x86_64 GNU/Linux
Steps to reproduce:
1. Start Synaptic
2. Select gadmin-proftpd for installation (version 1:0.3.5-4)
3. When config dialog asks to choose "inetd" or "standalone", press Cancel
until it crashes or goes away.
4. In Synaptic, select gamin-proftpd for Complete Removal and hit apply.
5. In progress dialog, deselect checkbox "Automatically close after the
changes..."
6. Open the Details sub-window.
Note that the server has been started.
** Changed in: proftpd-dfsg (Ubuntu)
Status: New => Confirmed
** Summary changed:
- package proftpd-basic 1.3.2-3 failed to install/upgrade: subprocess installed
post-installation script returned error exit status 1
+ Insecure behavior: Cancel on config dialog of package proftpd
--
Insecure behavior: Cancel on config dialog of package proftpd
https://bugs.launchpad.net/bugs/477808
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
