Suspicious behaviour: Script requesting root password on login to X11 on Ubuntu with Dropbox installed

 

Dropbox Executing Suspicious Root Script in /tmp

After a recent system update, I began seeing a sudo prompt at login asking for permission to run a mysterious shell script from /tmp. The prompt looked like this:



Screenshot from 2025-07-23 06-05-39.png

It referred to a temporary file, /tmp/tmp8peqse64, which no longer existed by the time I checked. I managed to capture the content of a similar script later:

#!/bin/bash
chown -h -R 1000 "/home/john/Dropbox"
chmod -R u+rwX "/home/john/Dropbox"

This script forcibly resets ownership and permissions on the Dropbox folder. It executes with root privileges and deletes itself after running — a classic signature of a transient payload.

Journal Evidence

I captured journal output showing the script was run immediately after Dropbox launched:



IMG_3B4C8212-2B88-40BC-9C19-4E0E569DB0E1.jpeg

Community Reports

Searching online, I found other users reporting the same issue. For example, this Ask Ubuntu thread describes Dropbox creating a sudo prompt at login to fix sync issues by chmodding the Dropbox folder.

Conclusion

While this behaviour appears to be Dropbox's internal "repair" mechanism, it is deeply flawed. It:

  • Creates and runs a temporary root shell script
  • Self-deletes to hide its presence
  • Modifies folder ownership and permissions recursively

This is dangerous behaviour for any background service — even more so for one that syncs sensitive files to the cloud.

Recommendations

  • Manually fix Dropbox folder permissions:
    sudo chown -R $USER:$USER ~/Dropbox
chmod -R u+rwX ~/Dropbox
  • Consider reinstalling Dropbox to remove custom or damaged launchers
  • Log and inspect all /tmp scripts created at login

Until Dropbox corrects this design flaw, be cautious with any unexpected root prompts — even if they look routine.

Popular posts from this blog

Automatically Fix Song Metadata and Filenames on Linux with Beets

 🎵 Automatically Fix Song Metadata and Filenames on Linux with Beets Tired of sorting through unknown MP3s with cryptic filenames like Track01.mp3? Sick of missing album info, incorrect genres, and zero cover art? Here's a clean way to batch-fix your music collection with open source tools — no manual editing required. ✅ What You’ll Use beets — the core tool that organizes, renames, and tags your music by matching against the MusicBrainz database. libchromaprint-tools — provides fpcalc, which generates audio fingerprints to identify unlabeled tracks. ffmpeg (optional) — used by beets for transcoding or embedded cover art processing. 🔧 Installation sudo apt update sudo apt install beets libchromaprint-tools ffmpeg 🚀 One Command to Organize It All beet import /path/to/your/music/ Beets will: Fingerprint each file Query MusicBrainz for metadata Rename files (e.g., Artist - Title.mp3) Write correct ID3/metadata tag Optionally move files into organized folders 📁 Example Output Your ...
Read more

throttle traffic on apache

sudo apt install apache2-utils sudo apt install libapache2-mod-evasive vi /etc/apache2/mods-enabled/evasive.conf service apache restart edit it and set values as per below or whatever else you like, the time quantities are seconds     DOSSiteInterval     1     DOSBlockingPeriod   10     #DOSLogDir           "/var/lock/mod_evasive"
Read more

script to show all files with disk usage sizes

Normally to get the disk usage of a folder you use get properties on the rightclick or similar. However there are hidden files starting with . in their name that you can get info on, only in the terminal, using the  du -sh  command. If you have hundreds of them (which you do!) this becomes tedious. The following script gives you a directory listing with the files all indicated in file sizes and highlights on files of megabytes or gigabytes in size.  #!/bin/bash # Set Internal Field Separator to handle spaces in filenames IFS=$'\n' # Loop through all files and directories for i in $(/bin/ls -A); do        size=$(du -sh "$i" | awk '{print $1}')           # Apply colors: bold for MB, bright bold for GB      case "$size" in          *M) color="\e[1m" ;;         # Bold for Megabytes          *G) color="\e[1;97m" ;;      # Br...
Read more