cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Update: Find information on Dropbox support during COVID-19 here
Close
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Dropbox on Linux attempting to execute as root via sudo - any ideas?

Explorer | Level 4

Excuse me if install/integration isn't the correct area to post this - nothing else matches the category.

I run dropbox for Linux (x86_64), version 86.4.146, as a separate user 'dropboxuser'. I have noticed as of late by way of security e-mails from sudo that the dropboxuser is attempting to execute scripts in /tmp. See the example mails below.

 

mybox : Dec 6 12:21:52 : dropboxuser : user NOT in sudoers ; TTY=pts/7 ; PWD=/ ; USER=root ; COMMAND=/bin/sh /tmp/tmpkq6j6p3e

mybox : Dec 3 22:56:08 : dropboxuser : user NOT in sudoers ; TTY=pts/7 ; PWD=/opt/dropbox ; USER=root ; COMMAND=/bin/sh /tmp/tmp4ey9y9kd

mybox : Dec 3 22:56:07 : dropboxuser : user NOT in sudoers ; TTY=pts/7 ; PWD=/opt/dropbox ; USER=root ; COMMAND=/bin/sh /tmp/tmpiizxl2c7

mybox : Nov 14 19:09:17 : dropboxuser : user NOT in sudoers ; TTY=pts/7 ; PWD=/ ; USER=root ; COMMAND=/bin/sh /tmp/tmpuii0fwie

 

There doesn't seem to be any rhyme or reason to the time of day these execute, but it is always attempting to execute some script in /tmp. These files no longer exist and I have no idea what the contents were.

Does anyone know why dropboxd would be attempting to gain root privileges and what is the contents of these files?

Thanks

 

1 Reply 1
Highlighted

Re: dropboxd on Linux attempting to execute as root via sudo - any ideas?

Super Collaborator | Level 20

Hi @boxdropping,

No, you are wrong. Dropbox application never tries gain root access, actually. Seems your sandboxing tool assumes so, for some reason. From time to time the application checks for updates and default temporary directory is used for.  That's it. Usually every user should have access to temporary storage. Why you have limited such access , only you can give this answer to yourself or read carefully documentation for other possible tools used, able affect.

Hope this adds some clarity.

PS: I wasn't able see any secure confirmation that Dropbox application is trying gain root access. You assume so by username base, only! Other application/tool also could run in same context. Be careful. Check which one is the actual application trying this access. If you want careful limit Dropbox application (or any other), use AppArmor. Reports there are more full/complete.


 
This thread is closed due to inactivity. Please feel free to create a new topic here. 

Work Smarter with Dropbox

The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.

Sound good? Let's get started.
Who's talking

Top contributors to this post

What do Dropbox user levels mean?
Need more support?