Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running iotop-c as non root results in a ~/.config/iotop dir. #63

Closed
Samueru-sama opened this issue Feb 17, 2024 · 2 comments
Closed

Running iotop-c as non root results in a ~/.config/iotop dir. #63

Samueru-sama opened this issue Feb 17, 2024 · 2 comments

Comments

@Samueru-sama
Copy link

Samueru-sama commented Feb 17, 2024
edited

I have XDG_CONFIG_HOME set to ~/.local/config instead of the default location of ~/.config.

I recently tested iotop -c and made the mistake of trying to run it as non root. After correcting that error I noticed that my home now has a ~/.config/iotop directory.

The directory is being created by iotop-c, likely because it has a hardcoded path to ~/.config instead of checking the xdg enviroment variables.

What's interesting is that iotop can no longer be run as regular user, so this should be easy to fix.

(This issue does not happen with the regular iotop btw).

Edit: The issue is on lines 53 and 23 of configfile.c.
@bbonev
Copy link
Collaborator

bbonev commented Feb 18, 2024

Thanks for spotting - iotop-c does not follow the XDG Base Directory Specification and uses a hardcoded path. That will be fixed.

About running iotop-c as non-root, it should give a warning+advice:

The Linux kernel interfaces that iotop relies on now require root privileges
or the NET_ADMIN capability. This change occurred because a security issue
(CVE-2011-2494) was found that allows leakage of sensitive data across user
boundaries. If you require the ability to run iotop as a non-root user, please
configure sudo to allow you to run iotop as root.

Alternatively to using sudo the NET_ADMIN capability can be set by

	$ sudo setcap 'cap_net_admin+eip' <path-to>/iotop

Be warned that this will also allow other users to run it and get access to
information that normally should not be available to them.

Please do not file bugs on iotop about this.

If you see some kind of error instead of the above, please give more details.

@Samueru-sama
Copy link
Author

Thanks for spotting - iotop-c does not follow the XDG Base Directory Specification and uses a hardcoded path. That will be fixed.

About running iotop-c as non-root, it should give a warning+advice:

The Linux kernel interfaces that iotop relies on now require root privileges
or the NET_ADMIN capability. This change occurred because a security issue
(CVE-2011-2494) was found that allows leakage of sensitive data across user
boundaries. If you require the ability to run iotop as a non-root user, please
configure sudo to allow you to run iotop as root.

Alternatively to using sudo the NET_ADMIN capability can be set by

	$ sudo setcap 'cap_net_admin+eip' <path-to>/iotop

Be warned that this will also allow other users to run it and get access to
information that normally should not be available to them.

Please do not file bugs on iotop about this.

If you see some kind of error instead of the above, please give more details.

You scared me with the way that first sentence is written haha.

And yes I did have the warning about running it as non root, it was just a mistake I made when first launching it that resulted in the directory being created.

@bbonev bbonev closed this as completed in cea6d5c Feb 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bbonev @Samueru-sama