xfs
[Top] [All Lists]

Re: Insecure world writable files from XFS 1.0.1 ISO installer

To: Eric Sandeen <sandeen@xxxxxxx>
Subject: Re: Insecure world writable files from XFS 1.0.1 ISO installer
From: Keith Owens <kaos@xxxxxxxxxxxxxxxxx>
Date: Fri, 03 Aug 2001 00:16:27 +1000
Cc: Simon Matter <simon.matter@xxxxxxxxxxxxxxxx>, linux-xfs <linux-xfs@xxxxxxxxxxx>
In-reply-to: Your message of "Thu, 02 Aug 2001 08:49:36 EST." <3B695A70.6C2D70FD@xxxxxxx>
Sender: owner-linux-xfs@xxxxxxxxxxx
On Thu, 02 Aug 2001 08:49:36 -0500, 
Eric Sandeen <sandeen@xxxxxxx> wrote:
>Simon Matter wrote:
>> 
>> When installing from the ISO RH7.1-SGI-XFS-1.0.1, all system config
>> files and directories which are not part of an RPM are installed world
>> writeable (mode 666/777). 
>
>Which files, for example?  So this does NOT happen with either stock Red
>Hat or XFS 1.0?  Not sure what might be causing this...

Almost certainly the kernel bug introduced somewhere around 2.4.3 and
fixed in 2.4.7.  The default umask for kernel threads, including init
was incorrectly set to 000.  Stock RedHat init scripts have umask 022
at the start which hides the kernel bug.


<Prev in Thread] Current Thread [Next in Thread>