Vincent Danen grabbed a keyboard and wrote:
Glad to see you're still on the list, Vincent. :-)
> On Wed Jul 23, 2003 at 11:56:14AM -0700, David Guntner wrote:
>
> > I hope someone from Mandrake is still reading this list. I got the
> > advisary for the new kernel in my mail, and installed the new kernel.
> > Since, then, any number of processes which used to write files that were
> > writable only by themselves (leafnode as user news, mailman as user mail
> > and so on) are now writing their files in a world readable setting. My
> > security logs this morning started reporting files in /var/spool/news,
> > /var/lock/subsys, /var/run, /var/lib/mailman/lists and so on as being
> > writable. Checking those directories, I find sure enough that everything
> > is -rw-rw-rw- -- clearly, this is not acceptable! Can someone please
> > look into this and fix it and issue a new kernel? This needs to not
> > continue to happen. When I su to the user IDs in question and do a umask
> > command, I see 0022 like it should be - so I can't see any reason why this
> > should be happening.
>
> We've not seen this at all during testing. Which kernel did you install?
> secure, up, smp, etc... uname -a would be good.
uname -a won't be of any help now, because I've reverted back to the prior
kernel (2.4.21-0.18mdk). Not smp, secure or anthing else. Just kernel-
2.4.21-0.18mdk. Same for the new version, which is 2.4.21-0.24mdk, which
was installed from kernel-2.4.21.0.24mdk-1-1mdk.i586.rpm.
> That is really really wierd.
>
> Just ran msec here and it just shows me that my initrd is world-writable so
> I don't think your problem is due to the kernel.
The initrd file never *used* to be world-writable.... Not until this
release of the kernel, anyway. Personally, I would consider that a bad
sign.
> cc'ing this to Juan just so he can check as well.
Me, too, so that he can see the followup.
--Dave
--
David Guntner GEnie: Just say NO!
http://www.akaMail.com/pgpkey/davidg or key server
for PGP Public key
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
