Re: F15 Why does gnome-shell automatically start Adobe acroread updater? (malware?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jul 11, 2011 at 04:19:31PM -0400, Deron Meranda wrote:
> For some reason, my Gnome 3 shell process has forked off an 'acroread'
> process which I did not start!
> 
> It appears to be attempting to install itself or do something in the
> background.  This is completely unacceptable, nothing should ever
> attempt to download and run some unauthenticated script and should
> never attempt to install anything without my explicit knowledge and
> permission!
> 
> I consider this to be a security breach and failure of the Fedora
> security policies to permit this.  In fact there should be a separate
> SELinux context for this commercial app just so it can't do anything
> to my system without my knowledge.
> 
> UID        PID  PPID  C STIME TTY          TIME CMD
> XXX       2509  2483  0 Jul10 ?        00:00:01 gnome-session
> XXX       2615  2509  1 Jul10 ?        00:12:04 /usr/bin/gnome-shell
> XXX      16717  2615  0 13:46 ?        00:00:08 acroread
> XXX      16769 16717 20 13:46 ?        00:29:25 /bin/sh
> /tmp/acrobat.n9vv0T/AdobeReader/INSTALL --lzma=/home/XXX
> XXX      7662 16769  0 15:40 ?        00:00:00 [INSTALL] <defunct>
> 
> Does the Gnome shell have some sort of auto-start or auto-update
> capability in it, that perhaps Adobe has surreptitiously hooked itself
> into. And how do I get it back out?

Yes, it does. Run gnome-session-properties and look at the list of
applications that will automatically load at session start.

> (The only reason I even have Adobe reader is because Evince can not
> fully handle the US IRS tax forms.)

What I'm failing to see is how this is a failing of Fedora. You
installed a non-Fedora package on your system (AdobeReader is not a part
of Fedora) and it is that non-Fedora package that appears to be doing
things in the background on your system. You can blame the distro for
compromising your system when you were the one who circumvented the
trusted packages list and installed something else.

-- 
Darryl L. Pierce, Sr. Software Engineer @ Red Hat, Inc.
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/

Attachment: pgpr8tSG63x4F.pgp
Description: PGP signature

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux