If you have installed, or plan to install, any systems using
the XFS 1.0.1 installer, please read the following message.
It was recently discovered that due to a bug* in the underlying
Linux kernel, the permissions of several system configuration
files created at install time are world-writeable, which poses
a security risk.
This bug is not XFS-related, and will exhibit itself on an
ext2-only install from the XFS 1.0.1 iso as well.
These permissions may be fixed by running the script at
ftp://oss.sgi.com/projects/xfs/download/Release-1.0.1/installer/fix-perms
as root.
An update disk has also been provided at
ftp://oss.sgi.com/projects/xfs/download/Release-1.0.1/installer/updates
to be used on future installs. Please see the README at
ftp://oss.sgi.com/projects/xfs/download/Release-1.0.1/installer/updates/README
for information on how to use this update disk.
Thanks for your attention, and we apologize for any inconvenience this
may have caused.
Sincerely,
The SGI XFS for Linux Team
-----
*The default umask for kernel threads, including init, was incorrectly
set to 000. Stock Red Hat init scripts set umask to 022 at system
startup, so it hides this bug. However, the anaconda installer does
not do this, so files created during the install process have incorrect
permissions.
|