Your message dated Wed, 26 Dec 2007 19:46:10 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#457787: cacti: bad practice executing script in /tmp
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: cacti
Version: 0.8.6i-3.2
Severity: normal
A normal paranoid sysadmin mounts /tmp in noexec mode. Therefore no
script should be copied in /tmp and executed.
As I tried to install cacti the script complained without exiting that
script were copied and not executed in /tmp.
I rated it normal, I think this bug is however severe.
Stll like cacti.
Thank for what you do by the way, and joyeuses fêtes.
Julien
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages cacti depends on:
ii apache [httpd] 1.3.34-4.1 versatile, high-performance HTTP s
ii dbconfig-common 1.8.29+etch1 common framework for packaging dat
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
ii libphp-adodb 4.93a-1.1 The 'adodb' database abstraction l
ii logrotate 3.7.1-3 Log rotation utility
ii mysql-client-5.0 [vir 5.0.51-0.dotdeb.1 MySQL database client binaries
ii php4 6:4.4.7-0.dotdeb.1 server-side, HTML-embedded scripti
ii php4-cli 6:4.4.7-0.dotdeb.1 command-line interpreter for the p
ii php4-mysql 6:4.4.7-0.dotdeb.1 MySQL module for php4
ii php4-snmp 6:4.4.7-0.dotdeb.1 SNMP module for php4
ii php5 5.2.5-0.dotdeb.2 server-side, HTML-embedded scripti
ii php5-mysql 5.2.5-0.dotdeb.2 MySQL module for php5
ii rrdtool 1.2.15-0.3 Time-series data storage and displ
ii snmp 5.2.3-7 NET SNMP (Simple Network Managemen
ii ucf 2.0020 Update Configuration File: preserv
Versions of packages cacti recommends:
ii iputils-ping 3:20020927-6 Tools to test the reachability of
ii mysql-server 5.0.51-0.dotdeb.1 MySQL database server (meta packag
ii mysql-server-5.0 [mysq 5.0.51-0.dotdeb.1 MySQL database server binaries
-- debconf information:
* cacti/username: cacti
cacti/db/app-user: cacti
cacti/mysql/admin-user: root
* cacti/mysql_server: localhost
* cacti/webserver: Apache
cacti/mysql/method: unix socket
cacti/remote/host:
cacti/upgrade-error: abort
cacti/dbconfig-upgrade: true
cacti/internal/skip-preseed: false
cacti/remote/newhost:
cacti/purge: false
cacti/upgrade_warning:
cacti/database-type: mysql
* cacti/database: cacti
cacti/remove-error: abort
cacti/db/dbname: cacti
cacti/mismatch:
cacti/upgrade-backup: true
cacti/install-error: abort
cacti/internal/reconfiguring: false
cacti/save_rootpw: true
cacti/root_mysql: root
* cacti/passwords-do-not-match:
* cacti/no_automagic:
cacti/dbconfig-remove:
cacti/dbconfig-install: true
cacti/purge_db: true
cacti/remote/port:
cacti/dbconfig-reinstall: false
--- End Message ---
--- Begin Message ---
On Wednesday 26 December 2007 03:03:50 pm Julien Tayon (julbox) wrote:
> Julien Tayon (julbox) a écrit :
> > If it can help
>
> I answer myself : bug closed
> http://www.us.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.9
> see point 4.9.1
>
> Sorry for the noise ....
np, hope you had a joyeux noel :)
sean
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
