When I upgraded from 17.04. to 17.10. I realized that there is a bad security issue with the update-manager. Here’s what I mean:
Start the update-manager, when it tells you, there’s “a new version of Ubuntu available”, click on upgrade. A prompt will appear asking for your sudo password. Enter your password.
Then the release notes appear. When you now click on any of the links inside, your standard browser (in my case Firefox) will open with root permissions.
This should never happen.
First I did not realize that I was working in Firefox as root and wondered where all my bookmarks and add-ons had disappeared. Because I blamed it on upgrading Firefox right before that, I started re-installing the add-ons!
So this should really be fixed. Either the release notes should be displayed before the prompt for your root password, or upgrade-manager should have a mechanism to prevent starting other GUI apps as root.