Bug ID 1212862
Summary AUDIT-1: shadowsocks-rust: systemd service
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter wolfgang.frisch@suse.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

shadowsocks-rust [0] is a Rust port of shadowsocks [1].

This package ships with 3 systemd services, all running as root:

> RPM: shadowsocks-rust-1.15.3-2.1.x86_64.rpm on x86_64
> Package: shadowsocks-rust
> Service path: /usr/lib/systemd/system/shadowsocks-rust-client.service
> Runs as: root:root
> Exec lines:
>     ExecStart=/usr/bin/sslocal --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open

> RPM: shadowsocks-rust-1.15.3-2.1.x86_64.rpm on x86_64
> Package: shadowsocks-rust
> Service path: /usr/lib/systemd/system/shadowsocks-rust-manager.service
> Runs as: root:root
> Exec lines:
>     ExecStart=/usr/bin/ssmanager --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open

> RPM: shadowsocks-rust-1.15.3-2.1.x86_64.rpm on x86_64
> Package: shadowsocks-rust
> Service path: /usr/lib/systemd/system/shadowsocks-rust-server.service
> Runs as: root:root
> Exec lines:
>     ExecStart=/usr/bin/ssserver --log-without-time -c /etc/shadowsocks/shadowsocks-rust.json --tcp-fast-open

For reference, previous CVEs in the original shadowsocks: [2][3][4]

[0] https://github.com/shadowsocks/shadowsocks-rust
[1] https://github.com/shadowsocks/shadowsocks-libev
[2] https://bugzilla.suse.com/show_bug.cgi?id=1159545
[3] https://bugzilla.suse.com/show_bug.cgi?id=1158251
[4] https://bugzilla.suse.com/show_bug.cgi?id=1158365

You are receiving this mail because: