Bug#314466: marked as done (proftpd: World readable log file)

Debian Bug Tracking System Thu, 16 Jun 2005 10:54:07 -0700

Your message dated Thu, 16 Jun 2005 19:40:47 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#314466: proftpd: World readable log file
has caused the attached Bug report to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Jun 2005 13:22:13 +0000
>From [EMAIL PROTECTED] Thu Jun 16 06:22:11 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ip212-226-154-217.adsl.kpnqwest.fi (rauha.pingviini.net) 
[212.226.154.217] 
        by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
        id 1DiuJv-00088L-00; Thu, 16 Jun 2005 06:22:11 -0700
Received: (qmail 28965 invoked by uid 1000); 16 Jun 2005 16:24:22 +0300
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Niklas Vainio <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: proftpd: World readable log file
X-Mailer: reportbug 3.8
Date: Thu, 16 Jun 2005 16:24:22 +0300
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: proftpd
Version: 1.2.10-15
Severity: normal

It seems proftpd log file is by default world readable. This may have
security implications.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.30
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=fi_FI (charmap=ISO-8859-1)

Versions of packages proftpd depends on:
ii  adduser                     3.63         Add and remove users and groups
ii  debconf                     1.4.30.13    Debian configuration management sy
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libcap1                     1:1.10-14    support for getting/setting POSIX.
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-3     SSL shared libraries
ii  libwrap0                    7.6.dbs-8    Wietse Venema's TCP wrappers libra
ii  netbase                     4.21         Basic TCP/IP networking system
ii  proftpd-common              1.2.10-15    Versatile, virtual-hosting FTP dae
ii  ucf                         1.17         Update Configuration File: preserv

-- debconf information:
  shared/proftpd/warning:
* shared/proftpd/inetd_or_standalone: standalone

---------------------------------------
Received: (at 314466-done) by bugs.debian.org; 16 Jun 2005 17:41:35 +0000
>From [EMAIL PROTECTED] Thu Jun 16 10:41:35 2005
Return-path: <[EMAIL PROTECTED]>
Received: from egg.area.ba.cnr.it [150.145.80.53] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1DiyMw-0002iJ-00; Thu, 16 Jun 2005 10:41:35 -0700
Received: from localhost (localhost [127.0.0.1])
        by egg.area.ba.cnr.it (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id 
j5GHfVFo031061;
        Thu, 16 Jun 2005 19:41:31 +0200
Received: from klecker (klecker.ba.issia.cnr.it [150.145.84.32])
        by egg.area.ba.cnr.it (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id 
j5GHf1Qe030957;
        Thu, 16 Jun 2005 19:41:02 +0200
Received: from adsl-ull-250-67.44-151.net24.it ([151.44.67.250] helo=localhost)
        by klecker with esmtpa (Exim 4.50)
        id 1DiyMN-00071W-6m; Thu, 16 Jun 2005 19:40:59 +0200
Received: from frankie by localhost with local (Exim 4.51)
        id 1DiyMB-0002TP-9t; Thu, 16 Jun 2005 19:40:47 +0200
Date: Thu, 16 Jun 2005 19:40:47 +0200
From: Francesco Paolo Lovergine <[EMAIL PROTECTED]>
To: Niklas Vainio <[EMAIL PROTECTED]>
Cc: "Francesco P. Lovergine" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Bug#314466: proftpd: World readable log file
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
X-GPG-Fingerprint: 92E4 2D44 336F DF91 5508  23D5 A453 5199 E9F2 C747
X-GPG-Info: finger [EMAIL PROTECTED]
X-Advocacy: Who uses non-free software empoisons you too. Say him to stop.
User-Agent: Mutt/1.5.9i
X-Virus-Scanned: by amavisd-new-20041102+Sophos at egg.area.ba.cnr.it
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

On Thu, Jun 16, 2005 at 07:36:52PM +0300, Niklas Vainio wrote:
> On Thu, Jun 16, 2005 at 04:21:54PM +0200, Francesco P. Lovergine wrote:
> > Uh? What log file? xferlog is readable only by root and adm group.
> 
> I guess this is then just about some local configuration. Feel free to close
> the bug.
> 

Done.

-- 
Francesco P. Lovergine


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#314466: marked as done (proftpd: World readable log file)

Reply via email to