[mythtv-users] mythfilldatabase autorun config file location error

Wed Oct 18 23:28:12 UTC 2006

On 10/18/06 18:33, R. G. Newbury wrote:

>Michael T. Dean wrote:
>  
>
>>On 10/17/06 17:12, R. G. Newbury wrote:
>>
>>>Although I still do not understand why 'running mythfilldatabase root is 
>>>not a good idea'.
>>>This is a myth.
>>>
>>If you run a program as user mythtv, and it has a 
>>bug/exploit/failure/whatever, it can destroy the mythtv user's data.  If 
>>you run a program as user root, and it has a 
>>bug/exploit/failure/whatever, it can destroy the entire system (or even 
>>do other more nefarious deeds).  That is not a myth--I'd be happy to 
>>provide you an example program if you'd like to test it.  :D  (I think 
>>I'd call the program, 
>>"I_cant_believe_I_convinced_you_to_install_and_run_myrootkit".)
>>    
>>
>The first 2 cases involve problems with the program itself. If 
>mythfilldatabase blows up, the data it is most likely to kill is the 
>mythconverg database. And it does not matter whether it was 'mythtv' or 
>as 'root' that launched the program.
>I will allow that, *in general* a runaway bug in a program COULD do more 
>damage if running under root than when running under a user.
>I will allow that this may make a difference if the box is used for 
>other purposes besides being run purely as a mythbox, I would not allow 
>my secretary to run as root
>  
>
You're focusing on the word rootkit.  It has only become a rootkit 
because you executed it as root.  Had you executed it as a non-root 
user, the damage it could have done would have been minimized (i.e. no 
reading /etc/shadow, no stealing private keys, creating new users, 
removing users, deleting/replacing applications, etc.).

Now, if it were a true rootkit that circumvents the system protections, 
it wouldn't matter who executed it.  However, my ability to code such a 
rootkit is very much more limited than my ability to code a buggy 
application that wreaks havoc on a user's/system's data (depending on 
who executes it).

>So, do I think that mythfilldatabase is dangerous? NO, so running it as 
>root is no more dangerous in this context than running it as mythtv 
>user. Are all programs in that category... unfortunately no. But if I 
>only load proframs fromFedora, mythtv, lirc, atrpoms or livna, Im 
>reasonanbly safe.
>
>Would you like to explicate further on why it is not a good idea to run 
>mythfilldatabase as root, confining your reasoning to the difference 
>between doing so as root and doing so as mythtv?
>
As you probably saw in my response to Axel, I /am/ saying it's not that 
big a deal on a Myth box.  Why?  Primarily because on a real Myth box 
(which most master backends happen to be), the only valuable thing on 
the system is the mythtv user's data.  So, whether the system is 
destroyed because of apps running as root (meaning you'll lose your 
mythtv data /and/ eat up some of Axel's bandwidth) or the mythtv data is 
lost (meaning you lose your mythtv data but save Axel's bandwidth) makes 
little difference to the user in the end.

However, just because it's not a big deal doesn't mean it's right or 
that running apps as root being A Bad Thing is a myth.

Mike