Package: checksecurity
Version: 2.0.7-6
Severity: important
Tags: security patch sarge
I noticed it on my semi-woody:
----- s n i p -----
From: [EMAIL PROTECTED] (Cron Daemon)
Subject: Cron <[EMAIL PROTECTED]> test -e /usr/sbin/anacron || run-parts
--report /etc/cron.daily
Date: 29 Jul 2005 04:31:27 -0000
[...]
/etc/cron.daily/standard:
find: /vicepb/V1075518779.vol: No such file or directory
find: /vicepb/V1075518779.vol: No such file or directory
find: /vicepb/V1075518779.vol: No such file or directory
----- s n i p -----
Just to make sure, I checked the Sarge version. Same problem
SHOULD occur there to (can't test since I don't have a sarge
AFS file server). But looking at the config file (and the fix):
----- s n i p -----
[EMAIL PROTECTED]:~# diff -u /etc/checksecurity.conf~ /etc/checksecurity.conf
--- /etc/checksecurity.conf~ Mon Oct 1 22:38:59 2001
+++ /etc/checksecurity.conf Fri Jul 29 08:25:00 2005
@@ -58,7 +58,7 @@
#
CS_DEVS='^/dev/fd'
#
-CS_DIRS='on /mnt'
+CS_DIRS='on (/mnt|/vicep)'
#
CHECKSECURITY_FILTER="$CS_TYPES|$CS_OPTS|$CS_DEVS|$CS_DIRS"
#
----- s n i p -----
I.e. the CS_DIRS looks the same in both woody and sarge...
Another fix would be to set
CS_DIRS='(on /mnt|/vicep)'
to be _absolutly_ sure that vice directories isn't traversed,
but "who would be stupid enough to have it on their root partition"? :)
I can't put the severity to any higher than 'important' since
not everyone would be affected. On _my_ site (40+ machines), only
ONE is affected by this... Instead I'm using the 'Tags' option.
But, on the other hand. I almost got an heart attach when i saw the
mail! if _ANYTHING_ or _ANYONE_ (other than the AFS filesystem daemons)
so much as LOOKS any files there, I risk loosing data! Well, maybe
not that severe, but you get the idea :)
On woody the problem is in the 'cron' package. You beside what to do
with that information...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
