Re: Insecure world writable files from XFS 1.0.1 ISO installer

To: Eric Sandeen <sandeen@xxxxxxx>
Subject: Re: Insecure world writable files from XFS 1.0.1 ISO installer
From: Simon Matter <simon.matter@xxxxxxxxxxxxxxxx>
Date: Thu, 02 Aug 2001 16:17:47 +0200
>received: from mobile.sauter-bc.com (unknown [10.1.6.21]) by basel1.sauter-bc.com (Postfix) with ESMTP id D647757306; Thu, 2 Aug 2001 16:17:47 +0200 (CEST)
Cc: linux-xfs <linux-xfs@xxxxxxxxxxx>
Organization: Sauter AG, Basel
References: <3B694B49.209B904C@ch.sauter-bc.com> <3B695A70.6C2D70FD@sgi.com>
Sender: owner-linux-xfs@xxxxxxxxxxx
Eric Sandeen wrote:
> 
> Simon Matter wrote:
> >
> > When installing from the ISO RH7.1-SGI-XFS-1.0.1, all system config
> > files and directories which are not part of an RPM are installed world
> > writeable (mode 666/777).
> 
> Which files, for example?  So this does NOT happen with either stock Red
> Hat or XFS 1.0?  Not sure what might be causing this...

Sorry for not providing more information.

It does NOT happen with the XFS 1.0 release. I guess it also does not occur
with the stock RH installer.
My dirty find script looks like this:

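#!/bin/sh
# List group- and world-writable entries that no RPM package owns.
# Note: the inner find recurses into an unowned directory, so entries
# below it (including symlinks) can be listed more than once.
find . -type f -o -type d | while IFS= read -r xxx; do
  # rpm -qf exits non-zero when no package owns the path
  rpm -qf "$xxx" > /dev/null
  RETVAL=$?
  if [ $RETVAL -gt 0 ]; then
    find "$xxx" -perm -022 -exec ls -lad {} \;
  fi
done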

When run in /etc it gives something like:

[root@ga-www /etc]# /root/checkit.2
drwxrwxrwx    8 root     root         4096 Aug  2 15:35 ./sysconfig
lrwxrwxrwx    1 root     root           20 Jul 31 14:34 ./sysconfig/network-scripts/ifdown -> ../../../sbin/ifdown
lrwxrwxrwx    1 root     root           18 Jul 31 14:34 ./sysconfig/network-scripts/ifup -> ../../../sbin/ifup
-rw-rw-rw-    1 root     root           74 Jul 31 14:35 ./sysconfig/i18n
-rw-rw-rw-    1 root     root           90 Jul 31 14:35 ./sysconfig/mouse
-rw-rw-rw-    1 root     root           32 Jul 31 14:35 ./sysconfig/keyboard
-rw-rw-rw-    1 root     root           40 Jul 31 14:35 ./sysconfig/clock
-rw-rw-rw-    1 root     root           11 Jul 31 14:35 ./sysconfig/desktop
-rw-rw-rw-    1 root     root           38 Jul 31 14:35 ./sysconfig/pcmcia
-rw-rw-rw-    1 root     root         2150 Aug  2 16:52 ./sysconfig/hwconf
-rw-rw-rw-    1 root     root           58 Jul 31 15:07 ./sysconfig/network
-rw-rw-rw-    1 root     root           74 Jul 31 14:35 ./sysconfig/i18n
-rw-rw-rw-    1 root     root           90 Jul 31 14:35 ./sysconfig/mouse
-rw-rw-rw-    1 root     root           32 Jul 31 14:35 ./sysconfig/keyboard
-rw-rw-rw-    1 root     root           40 Jul 31 14:35 ./sysconfig/clock
-rw-rw-rw-    1 root     root           11 Jul 31 14:35 ./sysconfig/desktop
-rw-rw-rw-    1 root     root           38 Jul 31 14:35 ./sysconfig/pcmcia
-rw-rw-rw-    1 root     root         2150 Aug  2 16:52 ./sysconfig/hwconf
-rw-rw-rw-    1 root     root           58 Jul 31 15:07 ./sysconfig/network
-rw-rw-rw-    1 root     root        16342 Jul 31 14:35 ./X11/XF86Config
-rw-rw-rw-    1 root     root         3698 Jul 31 14:35 ./X11/XF86Config-4
-rw-rw-rw-    1 root     root           66 Jul 31 14:33 ./shells
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-3.0.cat
-rw-rw-rw-    1 root     root          156 Jul 31 14:34 ./sgml/catalog
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-3.1.cat
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-4.0.cat
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-4.1.cat
lrwxrwxrwx    1 root     root           30 Jul 31 14:34 ./sgml/sgml-docbook.cat -> /etc/sgml/sgml-docbook-4.1.cat
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-3.0.cat
-rw-rw-rw-    1 root     root          156 Jul 31 14:34 ./sgml/catalog
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-3.1.cat
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-4.0.cat
-rw-rw-rw-    1 root     root          221 Jul 31 14:34 ./sgml/sgml-docbook-4.1.cat
-rw-rw-rw-    1 root     root           15 Jul 31 14:35 ./resolv.conf
-rw-rw-rw-    1 root     root          238 Aug  2 12:07 ./hosts

What a nice toy for the kiddies :-)

There was an earlier thread on this list and Keith Owens said:
> Which kernel?  There was a kernel bug from 2.4.3-pre5 until 2.4.7-pre7
> where the initscripts ran with umask 000 instead of 022, that would
> give the effect above.  It is fixed in the XFS CVS tree because that is
> at 2.4.7, but the old releases might be bitten by this kernel bug.

Hope this helps.

> 
> -Eric
> 
> --
> Eric Sandeen      XFS for Linux     http://oss.sgi.com/projects/xfs
> sandeen@xxxxxxx   SGI, Inc.

-- 
Simon Matter              Tel:  +41 61 695 57 35
Fr.Sauter AG / CIT        Fax:  +41 61 695 53 30
Im Surinam 55
CH-4016 Basel             [mailto:simon.matter@xxxxxxxxxxxxxxxx]
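
The following is an added example, not part of the original message or of the XFS project. It reproduces the umask effect Keith Owens describes (000 gives 666/777, 022 gives 644/755) and runs the same audit as the script above in one pass, skipping symlinks and listing each path once. The function names are made up for this example, and GNU find and stat are assumed.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Assumes GNU find and stat.

# modes_under_umask MASK
# Create a file and a directory under the given umask and print their
# octal modes, e.g. "666 777". The umask is set in a subshell so the
# caller's own umask is left untouched.
modes_under_umask() {
    scratch=$(mktemp -d) || return 1
    (
        umask "$1"
        : > "$scratch/file"
        mkdir "$scratch/dir"
    )
    printf '%s %s\n' "$(stat -c %a "$scratch/file")" "$(stat -c %a "$scratch/dir")"
    rm -rf "$scratch"
}

# owned_by_rpm PATH
# True only if rpm is installed and some package owns PATH. Without rpm,
# every path counts as unowned.
owned_by_rpm() {
    command -v rpm > /dev/null 2>&1 && rpm -qf "$1" > /dev/null 2>&1
}

# audit_unowned_writable DIR
# Print every regular file or directory under DIR that is both group- and
# world-writable (-perm -022, as in the script above) and owned by no
# package. Symlinks are excluded because their lrwxrwxrwx mode says nothing
# about the target. The permission test runs first, so rpm is queried only
# for paths that are already suspicious.
audit_unowned_writable() {
    find "$1" \( -type f -o -type d \) -perm -022 -print | LC_ALL=C sort |
    while IFS= read -r path; do
        owned_by_rpm "$path" || printf '%s\n' "$path"
    done
}
```

Calling `audit_unowned_writable /etc` as root gives the list to review; entries there are candidates for `chmod go-w` once the cause of the wrong umask is fixed.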


