On Wednesday 23 July 2003 02:26 pm, Vincent Danen wrote:
> On Wed Jul 23, 2003 at 11:56:14AM -0700, David Guntner wrote:
> > I hope someone from Mandrake is still reading this list.  I got the
> > advisory for the new kernel in my mail, and installed the new
> > kernel. Since then, any number of processes which used to write
> > files that were writable only by themselves (leafnode as user news,
> > mailman as user mail and so on) are now writing their files in a
> > world readable setting.  My security logs this morning started
> > reporting files in /var/spool/news, /var/lock/subsys, /var/run,
> > /var/lib/mailman/lists and so on as being writable.  Checking those
> > directories, I find sure enough that everything is -rw-rw-rw-  -- 
> > clearly, this is not acceptable!  Can someone please look into this
> > and fix it and issue a new kernel?  This needs to not continue to
> > happen.  When I su to the user IDs in question and do a umask
> > command, I see 0022 like it should be - so I can't see any reason
> > why this should be happening.
>
> We've not seen this at all during testing.  Which kernel did you
> install? secure, up, smp, etc...  uname -a would be good.
>
> That is really really weird.
>
> Just ran msec here and it just shows me that my initrd is
> world-writable so I don't think your problem is due to the kernel.
>
> cc'ing this to Juan just so he can check as well.

I'm seeing the same thing. Below is a copy of my post on aolm.

<COPY>
Situation:
I upgraded to the latest kernel for LM 9.1, downloaded from
ftp://ftp.club-internet.fr/pub/unix/linux/Mandrake/updates/9.1/RPMS.
After checking gpg and md5 (rpm -K), I installed
kernel-2.4.21.0.24mdk-1-1mdk.i586.rpm (rpm -iv),
kernel-source-2.4.21-0.24mdk.i586.rpm (rpm -iv --oldpackage) and
freshened kernel-doc-2.4.21-0.24mdk.i586.rpm (rpm -Fv). I then
rebooted and made the NVIDIA drivers for the new kernel. Everything
seemed to work as expected. My system is LM 9.1 with all updates plus a
few packages rebuilt from cooker SRPMs (mainly autoconf, automake,
XFree86, and KDE). The updated kernel is the only change I made in the
last 24 hours.

Problem:
All new files are now created with 0666 (rw-rw-rw-) permissions. Umask
for user and root are correctly set (0077 and 0022 respectively) but
are ignored. Directories are created with the correct permissions. When
I reboot with the old kernel (2.4.21-0.18mdk) everything works as it
should.

Could someone who's upgraded to the latest kernel please check for this
behavior. World-writable root-owned files are a serious security hole.
</COPY>

I've had one confirmation so far. I'm also seeing the problem Dave 
reported with msec. I'm currently running /etc/cron.daily/msec under 
kernel-2.4.21-0.18mdk to see whether it is indeed the kernel. I'll post 
the results under that thread when it completes.

Arn
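
A way to reproduce the check described in the report above (an added example, not part of the original thread): create a file and a directory under a given umask and compare the resulting modes with what the umask should produce. The function names are hypothetical and GNU or BusyBox `stat -c` is assumed.

```shell
#!/bin/sh
# Added example: checks whether new files and directories honor a umask.
# Assumes GNU or BusyBox stat (-c '%a'); function names are hypothetical.

# expected_mode BASE UMASK -> prints BASE & ~UMASK in octal (666 077 -> 600)
expected_mode() {
    printf '%o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# actual_mode PATH -> permission bits of PATH in octal, without
# setuid/setgid/sticky bits
actual_mode() {
    printf '%o\n' $(( 0$(stat -c '%a' "$1") & 0777 ))
}

# check_umask UMASK -> returns 0 if a new file and a new directory both
# honor UMASK, 1 if either does not, 2 if no scratch directory is available
check_umask() {
    mask=$1
    rc=0
    tmp=$(mktemp -d) || return 2
    # Subshell so the caller's own umask is left untouched.
    (
        umask "$mask"
        : > "$tmp/file"
        mkdir "$tmp/dir"
    )
    for kind in file dir; do
        base=666
        if [ "$kind" = dir ]; then base=777; fi
        want=$(expected_mode "$base" "$mask")
        got=$(actual_mode "$tmp/$kind")
        if [ "$got" = "$want" ]; then
            echo "ok   umask=$mask $kind mode=$got"
        else
            echo "FAIL umask=$mask $kind mode=$got expected=$want"
            rc=1
        fi
    done
    rm -rf "$tmp"
    return $rc
}

# The two umask values quoted in the report (user 0077, root 0022).
for m in 0077 0022; do
    check_umask "$m" || echo "umask $m not applied on kernel $(uname -r)"
done
```

On a system showing the reported behavior, the `file` lines would print `FAIL ... mode=666` while the `dir` lines still print `ok`.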




