Bug#935991: dh-runit: please avoid excessive/dangerous chown/chmod

2019-09-06 Thread Daniel Kahn Gillmor
On Sun 2019-09-01 13:24:14 +, Dmitry Bogatov wrote: > Good. How urgent is fix? Can I just upload `dh-runit' into unstable and > eventually fix will propagate to affected packages, or I have to request > binNMU? definitely start with a fix to unstable, but i don't know that it's urgent to

Bug#935991: dh-runit: please avoid excessive/dangerous chown/chmod

2019-09-01 Thread Dmitry Bogatov
[2019-08-29 12:23] Daniel Kahn Gillmor > > Then I plan to change script to following: > > > > 1 #!/bin/sh > > 2 chown runit-log:adm '/var/log/runit/tor' > > 3 chmod 750 '/var/log/runit/tor' > > 4 umask 0022 > > 5 exec chpst -u runit-log svlogd -tt '/var/log/runit/tor' > > > > The idea is that

Bug#935991: dh-runit: please avoid excessive/dangerous chown/chmod

2019-08-29 Thread Daniel Kahn Gillmor
On Thu 2019-08-29 15:23:07 +, Dmitry Bogatov wrote: > Thank you. I wasn't aware of such problems. Thanks for the quick response, Dmitry. > Then I plan to change script to following: > > 1 #!/bin/sh > 2 chown runit-log:adm '/var/log/runit/tor' > 3 chmod 750 '/var/log/runit/tor' > 4 umask 0022

Bug#935991: dh-runit: please avoid excessive/dangerous chown/chmod

2019-08-29 Thread Dmitry Bogatov
control: tags -1 +confirmed [2019-08-28 14:12] Daniel Kahn Gillmor > Package: dh-runit > Version: 2.8.13.2 > Tags: security > Control: affects -1 tor openssh-server > > by default, dh-runit sets up logging runscripts like this: > > > 1 #!/bin/sh > 2 chown -R runit-log:adm

Bug#935991: dh-runit: please avoid excessive/dangerous chown/chmod

2019-08-28 Thread Daniel Kahn Gillmor
Package: dh-runit Version: 2.8.13.2 Tags: security Control: affects -1 tor openssh-server by default, dh-runit sets up logging runscripts like this: 1 #!/bin/sh 2 chown -R runit-log:adm '/var/log/runit/tor' 3 chmod 750 '/var/log/runit/tor' 4 chmod u+rw,g+r,o-rwx