http://bugzilla.suse.com/show_bug.cgi?id=1150336 Bug ID: 1150336 Summary: AUDIT-1: roccat-tools: review of setgid directory /var/lib/roccat Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: matthias.gerstner@suse.com QA Contact: qa-bugs@suse.de CC: jsegitz@suse.com, malte.kraus@suse.com, matthias.gerstner@suse.com, mrueckert@suse.com Found By: --- Blocker: --- +++ This bug was initially created as a clone of Bug #1150189 Like discussed in the proactive security team we want to catch up with packages installing set*id items that haven't been whitelisted yet in the permissions package. Formerly this rpmlint check type didn't cause badness and therefore didn't require packagers to actually have them reviewed. roccat-tools is one of the packages installing a setgid directory that isn't currently whitelisted: /var/lib/roccat drwxrws--- from roccat-tools-5.7.0-1.7.i586.rpm The secure use of this directory needs to be reviewed and if all is good a whitelisting entry in all our permission profiles must be added. -- You are receiving this mail because: You are on the CC list for the bug.