| To: | Eric Sandeen <sandeen@xxxxxxx> |
|---|---|
| Subject: | Re: Insecure world writable files from XFS 1.0.1 ISO installer |
| From: | Keith Owens <kaos@xxxxxxxxxxxxxxxxx> |
| Date: | Fri, 03 Aug 2001 00:16:27 +1000 |
| Cc: | Simon Matter <simon.matter@xxxxxxxxxxxxxxxx>, linux-xfs <linux-xfs@xxxxxxxxxxx> |
| In-reply-to: | Your message of "Thu, 02 Aug 2001 08:49:36 EST." <3B695A70.6C2D70FD@sgi.com> |
| Sender: | owner-linux-xfs@xxxxxxxxxxx |
On Thu, 02 Aug 2001 08:49:36 -0500, Eric Sandeen <sandeen@xxxxxxx> wrote: >Simon Matter wrote: >> >> When installing from the ISO RH7.1-SGI-XFS-1.0.1, all system config >> files and directories which are not part of an RPM are installed world >> writeable (mode 666/777). > >Which files, for example? So this does NOT happen with either stock Red >Hat or XFS 1.0? Not sure what might be causing this... Almost certainly the kernel bug introduced somewhere around 2.4.3 and fixed in 2.4.7. The default umask for kernel threads, including init was incorrectly set to 000. Stock RedHat init scripts have umask 022 at the start which hides the kernel bug. |
| Previous by Date: | Re: Insecure world writable files from XFS 1.0.1 ISO installer, Eric Sandeen |
|---|---|
| Next by Date: | Re: Insecure world writable files from XFS 1.0.1 ISO installer, Simon Matter |
| Previous by Thread: | Re: Insecure world writable files from XFS 1.0.1 ISO installer, Eric Sandeen |
| Next by Thread: | Re: Insecure world writable files from XFS 1.0.1 ISO installer, Simon Matter |
| Indexes: | [Date] [Thread] [Top] [All Lists] |