I hope someone from Mandrake is still reading this list. I got the advisary for the new kernel in my mail, and installed the new kernel. Since, then, any number of processes which used to write files that were writable only by themselves (leafnode as user news, mailman as user mail and so on) are now writing their files in a world readable setting. My security logs this morning started reporting files in /var/spool/news, /var/lock/subsys, /var/run, /var/lib/mailman/lists and so on as being writable. Checking those directories, I find sure enough that everything is -rw-rw-rw- -- clearly, this is not acceptable! Can someone please look into this and fix it and issue a new kernel? This needs to not continue to happen. When I su to the user IDs in question and do a umask command, I see 0022 like it should be - so I can't see any reason why this should be happening.
I have the same problem:
[EMAIL PROTECTED] tmp]$ uname -r 2.4.21-0.24mdkenterprise [EMAIL PROTECTED] tmp]$ touch test [EMAIL PROTECTED] tmp]$ ls -al test -rw-rw-rw- 1 driver sa 0 Jul 23 14:25 test [EMAIL PROTECTED] tmp]$ pwd /var/tmp [EMAIL PROTECTED] tmp]$ cd /export/home/build/ [EMAIL PROTECTED] build]$ touch test.touch [EMAIL PROTECTED] build]$ ls -al test.touch -rw-r--r-- 1 driver sa 0 Jul 23 14:27 test.touch [EMAIL PROTECTED] build]$ pwd /export/home/build [EMAIL PROTECTED] ~]$ cd ~ [EMAIL PROTECTED] ~]$ touch test.touch [EMAIL PROTECTED] ~]$ ls -al test.touch -rw-rw-rw- 1 driver sa 0 Jul 23 14:27 test.touch [EMAIL PROTECTED] ~]$ umask 22
/var/tmp is reiserfs /export/home is xfs /home/driver aka ~ is nfs mount to a Solaris 8 server.
xfs doesn't seem to have the problem
here is on -smp of the same kernel: [EMAIL PROTECTED] tmp]$ uname -r 2.4.21-0.24mdksmp [EMAIL PROTECTED] tmp]$ touch test [EMAIL PROTECTED] tmp]$ ls -al test -rw-r--r-- 1 driver sa 0 Jul 23 14:30 test [EMAIL PROTECTED] tmp]$ pwd /var/tmp [EMAIL PROTECTED] tmp]$ cd ~ [EMAIL PROTECTED] ~]$ touch test.touch [EMAIL PROTECTED] ~]$ ls -al test.touch -rw-rw-rw- 1 driver sa 0 Jul 23 14:31 test.touch [EMAIL PROTECTED] ~]$ umask 22
/var/tmp is xfs /home/driver aka ~ is nfs mount to a Solaris 8 server.
This machine has no reiserfs.
xfs has no problems, nfs still does.
let me know if you need more test cases, I can rekickstart test machines with any combo of filesystems....
-- Bryan Whitehead SysAdmin - JPL - Interferometry and Large Optical Systems Phone: 818 354 2903 [EMAIL PROTECTED]
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
