Your message dated Sat, 06 Aug 2005 11:32:04 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#320407: fixed in checksecurity 2.0.7-8
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 29 Jul 2005 06:46:43 +0000
To: [EMAIL PROTECTED]
Subject: checksecurity: Traverses AFS fileserver mounts (/vicepX)!
X-PGP-Fingerprint: B7 92 93 0E 06 94 D6 22  98 1F 0B 5B FE 33 A1 0B
X-PGP-Key-ID: 0x788CD1A9
X-URL: http://www.bayour.com/
From: Turbo Fredriksson <[EMAIL PROTECTED]>
Organization: Bah!
Date: Fri, 29 Jul 2005 08:43:47 +0200

Package: checksecurity
Version: 2.0.7-6
Severity: important
Tags: security patch sarge

I noticed it on my semi-woody:

----- s n i p -----
From: [EMAIL PROTECTED] (Cron Daemon)
Subject: Cron <[EMAIL PROTECTED]> test -e /usr/sbin/anacron || run-parts --report /etc/cron.daily
Date: 29 Jul 2005 04:31:27 -0000
[...]
/etc/cron.daily/standard:
find: /vicepb/V1075518779.vol: No such file or directory
find: /vicepb/V1075518779.vol: No such file or directory
find: /vicepb/V1075518779.vol: No such file or directory
----- s n i p -----

Just to make sure, I checked the Sarge version. Same problem
SHOULD occur there too (can't test since I don't have a sarge
AFS file server). But looking at the config file (and the fix):

----- s n i p -----
[EMAIL PROTECTED]:~# diff -u /etc/checksecurity.conf~ /etc/checksecurity.conf
--- /etc/checksecurity.conf~    Mon Oct  1 22:38:59 2001
+++ /etc/checksecurity.conf     Fri Jul 29 08:25:00 2005
@@ -58,7 +58,7 @@
 #
 CS_DEVS='^/dev/fd'
 #
-CS_DIRS='on /mnt'
+CS_DIRS='on (/mnt|/vicep)'
 #
 CHECKSECURITY_FILTER="$CS_TYPES|$CS_OPTS|$CS_DEVS|$CS_DIRS"
 #
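Review bot: the new alternative on the `+CS_DIRS` line is an unanchored prefix, so `on (/mnt|/vicep)` matches every mount point whose path merely begins with /vicep, not only server partitions of the /vicepX form named in the subject line. Since CS_DIRS is joined into CHECKSECURITY_FILTER, anything mounted at such a path would be filtered as well. Consider bounding the partition name (for example `/vicep[a-z]+` followed by whatever separator ends the mount point in the filtered text) and adding a comment above CS_DIRS saying why /vicep is excluded; the neighbouring lines are bare `#`.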
----- s n i p -----

I.e. the CS_DIRS looks the same in both woody and sarge...

Another fix would be to set

        CS_DIRS='(on /mnt|/vicep)'

to be _absolutely_ sure that vice directories aren't traversed,
but "who would be stupid enough to have it on their root partition"? :)


I can't put the severity to any higher than 'important' since
not everyone would be affected. On _my_ site (40+ machines), only
ONE is affected by this... Instead I'm using the 'Tags' option.

But, on the other hand. I almost got a heart attack when I saw the
mail! If _ANYTHING_ or _ANYONE_ (other than the AFS filesystem daemons)
so much as LOOKS at any files there, I risk losing data! Well, maybe
not that severe, but you get the idea :)


On woody the problem is in the 'cron' package. You decide what to do
with that information...
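
The CS_DIRS values discussed in the report above differ in which mounted filesystems they hide from the scan. The following is an added example, not part of the original report or of checksecurity: it assumes the filter is applied as an extended regular expression that drops matching `mount` output lines, it runs on constructed mount lines, and TIGHTER is a hypothetical pattern added for comparison.

```shell
#!/bin/sh
# Constructed `mount`-style lines (sample data, not taken from the report).
SAMPLE_MOUNTS='/dev/hda1 on / type ext3 (rw)
/dev/hda5 on /home type ext3 (rw)
/dev/hdb1 on /vicepb type ext3 (rw)
/dev/hdc1 on /mnt/cdrom type iso9660 (ro)
/dev/hdd1 on /vicepress type ext3 (rw)
/dev/hde1 on /srv/vicepdata type ext3 (rw)'

# Assumption: lines matching the filter are dropped and the mount point
# (third field) of every remaining line is what gets scanned.
scanned_mounts() {
    printf '%s\n' "$SAMPLE_MOUNTS" | grep -vE -e "$1" | cut -d' ' -f3 | paste -s -d ' ' -
}

ORIGINAL='on /mnt'                  # value before the change
REPORTED_FIX='on (/mnt|/vicep)'     # value from the diff in the report
ALTERNATIVE='(on /mnt|/vicep)'      # "another fix" from the report
# Hypothetical: only /vicep plus one or two letters as the whole mount point.
TIGHTER='on (/mnt|/vicep[a-z]{1,2} )'

# Show, for each pattern, which filesystems are still scanned.
for p in "$ORIGINAL" "$REPORTED_FIX" "$ALTERNATIVE" "$TIGHTER"; do
    printf '%-30s still scanned: %s\n' "$p" "$(scanned_mounts "$p")"
done
```

On this sample the unanchored `/vicep` alternatives also hide /vicepress (and, for the second form, /srv/vicepdata) from the scan, while the bounded pattern skips only /vicepb and /mnt/cdrom.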

---------------------------------------
Received: (at 320407-close) by bugs.debian.org; 6 Aug 2005 18:38:43 +0000
From: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#320407: fixed in checksecurity 2.0.7-8
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 06 Aug 2005 11:32:04 -0700

Source: checksecurity
Source-Version: 2.0.7-8

We believe that the bug you reported is fixed in the latest version of
checksecurity, which is due to be installed in the Debian FTP archive:

checksecurity_2.0.7-8.diff.gz
  to pool/main/c/checksecurity/checksecurity_2.0.7-8.diff.gz
checksecurity_2.0.7-8.dsc
  to pool/main/c/checksecurity/checksecurity_2.0.7-8.dsc
checksecurity_2.0.7-8_all.deb
  to pool/main/c/checksecurity/checksecurity_2.0.7-8_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated checksecurity package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  1 Aug 2005 21:25:16 +0200
Source: checksecurity
Binary: checksecurity
Architecture: source all
Version: 2.0.7-8
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description: 
 checksecurity - basic system security checks
Closes: 320407
Changes: 
 checksecurity (2.0.7-8) unstable; urgency=low
 .
   * Prevent the setuid checks from traversing AFS filesystems under
     /vicep (Closes: #320407)
Files: 
 5eeb952977d5a9b911f4bc471f148f61 727 admin optional checksecurity_2.0.7-8.dsc
 96201a87a1df47f408a7a1ce56a949ad 10611 admin optional checksecurity_2.0.7-8.diff.gz
 19d8d6e1b482cb0fc2effbf170cf10f6 20828 admin optional checksecurity_2.0.7-8_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQCVAwUBQu5+cftEPvakNq0lAQIRJQP/eS1Cph+mgAPc3F9NmROyHcRhXTNavcz+
/9gfynw4cp7WraEtYTl4qgwwNKaVeAblgRPdKOCr3CvU5GE8qOEoiGTOfd5Hfpj5
nZ3QK4WHfFQWsWEjh7khlLQqB2Ko2R7Y1kJw31Le009f2cw493jYUNmmuaZ8GSpA
RfHgKTmPJik=
=4CX4
-----END PGP SIGNATURE-----

