Public bug reported: Disclaimer: This is not a real bug report. It is more a wish for a future version.
The dhclient is running as root and thus needs special protection (OpenBSD implemented privilege separation, but unfortunately there is no patch for Linux available). Fedora added a patch to drop the capabilities of the process right after start: http://pkgs.fedoraproject.org/gitweb/?p=dhcp.git;a=blob;f=dhcp-4.2.2-capability.patch;h=1f31e1776d94cb8721b66e338999c8664f4fc74a;hb=HEAD This patch should be added to the dhclient in Ubuntu. ** Affects: isc-dhcp (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/810946 Title: dhclient should drop capabilities To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/810946/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
