[Top] [All Lists]

Re: Insecure world writable files from XFS 1.0.1 ISO installer

To: Steve Lord <lord@xxxxxxx>
Subject: Re: Insecure world writable files from XFS 1.0.1 ISO installer
From: Eric Sandeen <sandeen@xxxxxxx>
Date: 02 Aug 2001 10:12:25 -0500
Cc: Simon Matter <simon.matter@xxxxxxxxxxxxxxxx>, Keith Owens <kaos@xxxxxxxxxxxxxxxxx>, linux-xfs <linux-xfs@xxxxxxxxxxx>
In-reply-to: <200108021459.f72ExmB06735@jen.americas.sgi.com>
References: <200108021459.f72ExmB06735@jen.americas.sgi.com>
Sender: owner-linux-xfs@xxxxxxxxxxx
On 02 Aug 2001 09:59:48 -0500, Steve Lord wrote:

> The 1.0.1 install package does not have a redhat equivalent, they did
> not respin their iso images when they released a 2.4.3 based kernel rpm,
> the only way for a redhat user to get to this configuration was a 7.1
> install followed by a kernel rpm upgrade. It seems like we should have
> stuck to the same path.

Ah, hindsight is great, isn't it?  :(
> Eric, which kernel is running when the installer is doing it's stuff, it
> is possible there is something about this kernel. In the meantime, I am
> not sure we should leave the 1.0.1 iso images up on the web site but
> recommend people use the 1.0 and then do a kernel upgrade. This means
> the installer fixes get lost, but it may be the most prudent path
> here.

The Red Hat 2.4.3 + XFS kernel is running at install time, so I guess
that's where this problem comes from.  Hm, might be time to come up with
a script to fix this up, and a "warning" email to users...  Darn.

I could do a 1.0.1a kernel with this bug fixed, and respin the
installer, too, I suppose.


Eric Sandeen      XFS for Linux     http://oss.sgi.com/projects/xfs
sandeen@xxxxxxx   SGI, Inc.

<Prev in Thread] Current Thread [Next in Thread>