I have just come across this bug as well, on a fully up-to-date Lucid. I
can't seem to reproduce it with my limited knowledge, but I'm sure a
developer could find a way to reproduce it. And I'm sure a knowledgeable
attacker could do the same.
Indicator Applet crashes. Apport offers to restart the program; but
presumably as Apport runs as root, it starts a new instance of Gnome
Panel as root (the name on the top-right corner is 'root', and if you go
to Applications > Accessories > Terminal it starts a root terminal).
The original Gnome Panel is still running underneath; if you kill the
root instance you will see your user's regular panels again.
This could be regarded as a local privilege escalation attack.
** Changed in: indicator-applet (Ubuntu)
Status: Invalid => Confirmed
--
When restarting indicator applet after its crash, it launches as root
https://bugs.launchpad.net/bugs/445017
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
