Hello community, here is the log from the commit of package permissions for openSUSE:Factory checked in at 2014-06-18 22:04:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/permissions (Old) and /work/SRC/openSUSE:Factory/.permissions.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "permissions" Changes: -------- --- /work/SRC/openSUSE:Factory/permissions/permissions.changes 2014-04-16 07:25:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.permissions.new/permissions.changes 2014-06-18 22:04:26.000000000 +0200 @@ -1,0 +2,10 @@ +Mon Jun 16 11:46:15 UTC 2014 - meiss...@suse.com + +- opiesu,wodim,vlock-main have no setuid root. (bnc#882035) + +------------------------------------------------------------------- +Thu Jun 5 08:10:33 UTC 2014 - meiss...@suse.com + +- tighten /etc/crontab to be always mode 600, even in easy (bnc#867799) + +------------------------------------------------------------------- Old: ---- permissions-2014.04.15.1621.tar.bz2 New: ---- permissions-2014.06.16.1345.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ permissions.spec ++++++ --- /var/tmp/diff_new_pack.1YSqpB/_old 2014-06-18 22:04:27.000000000 +0200 +++ /var/tmp/diff_new_pack.1YSqpB/_new 2014-06-18 22:04:27.000000000 +0200 @@ -20,7 +20,7 @@ BuildRequires: libcap-devel Name: permissions -Version: 2014.04.15.1621 +Version: 2014.06.16.1345 Release: 0 Provides: aaa_base:/etc/permissions PreReq: %fillup_prereq ++++++ permissions-2014.04.15.1621.tar.bz2 -> permissions-2014.06.16.1345.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/permissions-2014.04.15.1621/permissions new/permissions-2014.06.16.1345/permissions --- old/permissions-2014.04.15.1621/permissions 2014-04-15 16:21:15.000000000 +0200 +++ new/permissions-2014.06.16.1345/permissions 2014-06-16 13:45:27.000000000 +0200 @@ -174,6 +174,14 @@ /var/lib/named/dev/null root:root 0666 /var/lib/named/dev/random root:root 0666 +# opiesu is not allowed setuid root as code quality is bad (bnc#882035) +/usr/bin/opiesu root:root 0755 +# wodim is not allowed setuid root as cd burning does not strictly require +# it (bnc#882035) +/usr/bin/wodim root:root 0755 +# vlock is not allowed setuid root as code is unproven quality (bnc#882035) +/usr/sbin/vlock-main root:root 0755 + # we no longer make rpm build dirs 1777 /usr/src/packages/SOURCES/ root:root 0755 /usr/src/packages/BUILD/ root:root 0755 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/permissions-2014.04.15.1621/permissions.easy new/permissions-2014.06.16.1345/permissions.easy --- old/permissions-2014.04.15.1621/permissions.easy 2014-04-15 16:21:15.000000000 +0200 +++ new/permissions-2014.06.16.1345/permissions.easy 2014-06-16 13:45:27.000000000 +0200 @@ -24,7 +24,7 @@ # # /etc # -/etc/crontab root:root 644 +/etc/crontab root:root 600 /etc/exports root:root 644 /etc/fstab root:root 644 # we don't package it -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org