[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Insecure world writable files from XFS 1.0.1 ISO installer

To: linux-xfs <linux-xfs@oss.sgi.com>
Subject: Insecure world writable files from XFS 1.0.1 ISO installer
From: Simon Matter <simon.matter@ch.sauter-bc.com>
Date: Thu, 02 Aug 2001 14:44:57 +0200
>received: from mobile.sauter-bc.com (unknown [10.1.6.21])by basel1.sauter-bc.com (Postfix) with ESMTP id 5FDB357306for <linux-xfs@oss.sgi.com>; Thu, 2 Aug 2001 14:44:57 +0200 (CEST)
Organization: Sauter AG, Basel
Sender: owner-linux-xfs@oss.sgi.com

When installing from the ISO RH7.1-SGI-XFS-1.0.1, all system config
files and directories which are not part of an RPM are installed world
writeable (mode 666/777). This was mentioned on this list before but I
didn't realize that it happens with the 1.0.1 installer ISO.
Is there an easy way to modify the installer to get around this problem
or is it better to use the 1.0 ISO and upgrade packages after the
install?

I'm just worried what to do with all those already installed system
because a
chmod -R go-w ... is not a good solution.

-Simon

Follow-Ups:
- Re: Insecure world writable files from XFS 1.0.1 ISO installer
  - From: Eric Sandeen <sandeen@sgi.com>

Prev by Date: Re: [BUG]Can't work with -no-common flag
Next by Date: Re: Insecure world writable files from XFS 1.0.1 ISO installer
Previous by thread: Re: [BUG]Can't work with -no-common flag
Next by thread: Re: Insecure world writable files from XFS 1.0.1 ISO installer
Index(es):
- Date
- Thread