GNU bug report logs - #47576
[security] ibus-daemon launches ungrafted subprocesses

Previous Next

Package: guix;

Reported by: Mark H Weaver <mhw <at> netris.org>

Date: Sat, 3 Apr 2021 04:46:01 UTC

Severity: normal

Tags: security

Full log

Message #11 received at 47576 <at> debbugs.gnu.org (full text, mbox):

From: Mark H Weaver <mhw <at> netris.org>
To: 47576 <at> debbugs.gnu.org
Subject: Re: bug#47576: [security] ibus-daemon launches ungrafted subprocesses
Date: Sat, 03 Apr 2021 03:12:46 -0400

Earlier, I wrote:
> Looking for references to the old 'glib' was the *first* thing I
> checked.  I haven't yet checked anything else, so I don't know how
> widespread this problem is.

I looked for other ungrafted libraries loaded on my system, and I'm glad
to report that I see no evidence of any grafting problem other than this
'ibus-daemon' issue.

The following ungrafted libraries are loaded by processes from the
mysterious old version of 'ibus' on my system: glib, cairo, and libx11.
I still have no clue where the reference to that mysterious old version
(/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22) is coming
from.

Are other people seeing this?  Here's an easy way to check:

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ ps axf | grep -e -ibus-
  402 tty7     Sl     0:00  |           |   \_ /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
  407 tty7     Sl     0:00  |           |       \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
  450 tty7     Sl     0:00  |           |       \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
  798 tty8     Sl     0:00              |   \_ /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
  804 tty8     Sl     0:00              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
  805 tty8     Sl     0:01              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-extension-gtk3
  894 tty8     Sl     0:00              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
 2246 pts/0    S+     0:00              |   |   |   \_ grep -e -ibus-
  409 tty7     Sl     0:00 /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/libexec/ibus-x11 --kill-daemon
  808 tty8     Sl     0:00 /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/libexec/ibus-x11 --kill-daemon
--8<---------------cut here---------------end--------------->8---

If you run this command, do you also see different 'ibus' store items
used by the daemon and its subprocesses?

      Mark
This bug report was last modified 4 years and 54 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.