https://bugzilla.suse.com/show_bug.cgi?id=1184786 Bug ID: 1184786 Summary: Deduplicate directory ownership with filesystem package Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: dmueller@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hi, checksec pointed out that various directories in our /usr are 0755 while they're 0555 on Fedora and Red Hat. For more hardened environments this might make a difference, as it prevents a user "root" that doesn't have DAC_OVERRIDE permission to no longer write/create files there. In order to achieve that, only one package need to own the permissions of that directory. currently we have various packages co-owning it, which means actual permission would depend on installation order, and we'd get installation conflicts. This can be prevented by de-duplicating directory ownership. this is a tracker bug that tracks the work related to it. -- You are receiving this mail because: You are on the CC list for the bug.