[Bug 1184786] New: Deduplicate directory ownership with filesystem package - openSUSE Bugs - openSUSE Mailing Lists

newer
[Bug 1207989] New: liblapacke.so.3...

[Bug 1184786] New: Deduplicate directory ownership with filesystem package

older
[Bug 1205518] [Build 20221117-2]...

bugzilla_noreply＠suse.com

15 Apr 2021 15 Apr '21

09:06

https://bugzilla.suse.com/show_bug.cgi?id=1184786 Bug ID: 1184786 Summary: Deduplicate directory ownership with filesystem package Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: dmueller@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hi, checksec pointed out that various directories in our /usr are 0755 while they're 0555 on Fedora and Red Hat. For more hardened environments this might make a difference, as it prevents a user "root" that doesn't have DAC_OVERRIDE permission to no longer write/create files there. In order to achieve that, only one package need to own the permissions of that directory. currently we have various packages co-owning it, which means actual permission would depend on installation order, and we'd get installation conflicts. This can be prevented by de-duplicating directory ownership. this is a tracker bug that tracks the work related to it. -- You are receiving this mail because: You are on the CC list for the bug.

Attachments:

attachment.htm (text/html — 2.8 KB)

Reply

Sign in to reply online Use email software

Show replies by date

bugzilla_noreply＠suse.com

16 Apr 16 Apr

08:54

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 Chenzi Cao changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|screening-team-bugs@suse.de |ro@suse.com -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

17:10

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c2 --- Comment #2 from OBSbugzilla Bot --- This is an autogenerated message for OBS integration: This bug (1184786) was mentioned in https://build.opensuse.org/request/show/886085 Factory / scribus -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

18:00

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c3 --- Comment #3 from OBSbugzilla Bot --- This is an autogenerated message for OBS integration: This bug (1184786) was mentioned in https://build.opensuse.org/request/show/886089 Factory / jag -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

17 Apr 17 Apr

08:50

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c4 --- Comment #4 from OBSbugzilla Bot --- This is an autogenerated message for OBS integration: This bug (1184786) was mentioned in https://build.opensuse.org/request/show/886220 Factory / gobby -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

09:30

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c5 --- Comment #5 from OBSbugzilla Bot --- This is an autogenerated message for OBS integration: This bug (1184786) was mentioned in https://build.opensuse.org/request/show/886241 Factory / qt6-base -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

24 Aug 24 Aug

10:28

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 Ancor Gonzalez Sosa changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |1188994 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

5 Mar 5 Mar

23:16

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c27 --- Comment #27 from Swamp Workflow Management --- openSUSE-RU-2022:0073-1: An update that has two recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1184786,1195206 CVE References: JIRA References: Sources used: openSUSE Backports SLE-15-SP3 (src): opi-2.4.4-bp153.2.3.1 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

17 Mar 17 Mar

09:13

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 Johannes Segitz changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugzilla.suse.com/s | |how_bug.cgi?id=1197169 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

12:28

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

08:30

New subject: [Bug 1184786] Deduplicate directory ownership with filesystem package

https://bugzilla.suse.com/show_bug.cgi?id=1184786 https://bugzilla.suse.com/show_bug.cgi?id=1184786#c35 --- Comment #35 from Maintenance Automation --- SUSE-FU-2023:0789-1: An update that contains one feature and has six feature fixes can now be installed. Category: feature (important) Bug References: 1087426, 1166619, 1184786, 1207358, 1207563, 1207989 Jira References: PED-3628 Sources used: openSUSE Leap 15.4 (src): lapack-3.9.0-150000.4.13.2, lapack-man-3.9.0-150000.4.13.2 Basesystem Module 15-SP4 (src): lapack-3.9.0-150000.4.13.2 Development Tools Module 15-SP4 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Real Time 15 SP3 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): lapack-3.9.0-150000.4.13.2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): lapack-3.9.0-150000.4.13.2 SUSE Manager Proxy 4.2 (src): lapack-3.9.0-150000.4.13.2 SUSE Manager Retail Branch Server 4.2 (src): lapack-3.9.0-150000.4.13.2 SUSE Manager Server 4.2 (src): lapack-3.9.0-150000.4.13.2 SUSE Enterprise Storage 7.1 (src): lapack-3.9.0-150000.4.13.2 SUSE Enterprise Storage 7 (src): lapack-3.9.0-150000.4.13.2 SUSE CaaS Platform 4.0 (src): lapack-3.9.0-150000.4.13.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

400

Age (days ago)

1101

Last active (days ago)

Download

10 comments

1 participants

tags

participants (1)

bugzilla_noreply＠suse.com