You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Morgan Lindqvist (JIRA)" <ji...@apache.org> on 2016/02/23 00:29:18 UTC
[jira] [Updated] (QPID-7090) qpidd should not use root as user
[ https://issues.apache.org/jira/browse/QPID-7090?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Morgan Lindqvist updated QPID-7090:
-----------------------------------
Fix Version/s: (was: qpid-cpp-next)
> qpidd should not use root as user
> ---------------------------------
>
> Key: QPID-7090
> URL: https://issues.apache.org/jira/browse/QPID-7090
> Project: Qpid
> Issue Type: Improvement
> Components: C++ Broker
> Affects Versions: qpid-cpp-0.34
> Environment: Debian/Ubuntu
> Reporter: Morgan Lindqvist
> Priority: Minor
> Labels: features, security
>
> When using the testing PPA on https://launchpad.net/~qpid to install qpidd the daemon is executed using the user id and group id "root".
> The user id and group id that should be used is "qpidd".
> This will significantly reduce the risk the the daemon can be used to get root access on the server.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org