On Wed, Nov 21, 2012 at 10:43:10AM +0000, Bob Vickers wrote:
Hi,
The recent coreutils update (coreutils-8.14-3.11.1.x86_64) on opensuse 12.2 applied using 'zypper patch' has changed the permissions of /bin/su:
< -rwsr-x--- 1 root support 39984 2012-09-25 14:40:45.000000000 +0100 /bin/su ---
-rwsr-xr-x 1 root root 39984 2012-11-12 13:57:18.000000000 +0000 /bin/su
The result is that a security barrier has been silently removed.
Should not the patch process ensure that settings in /etc/permissions.local are honoured?
We have ENABLE_SUSECONFIG="yes" in /etc/sysconfig/suseconfig.
Yes it should. Please give output of: grep PERMISSION_SECURITY /etc/sysconfig/security grep -r /bin/su /etc/permissions* Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org