[Bug 1150366] New: AUDIT-1: ceph-common: review of setgid directory /var/log/ceph
http://bugzilla.suse.com/show_bug.cgi?id=1150366 Bug ID: 1150366 Summary: AUDIT-1: ceph-common: review of setgid directory /var/log/ceph Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: matthias.gerstner@suse.com QA Contact: qa-bugs@suse.de CC: jsegitz@suse.com, malte.kraus@suse.com, matthias.gerstner@suse.com, ncutler@suse.com Blocks: 1150189 Found By: --- Blocker: --- +++ This bug was initially created as a clone of Bug #1150189 Like discussed in the proactive security team we want to catch up with packages installing set*id items that haven't been whitelisted yet in the permissions package. Formerly this rpmlint check type didn't cause badness and therefore didn't require packagers to actually have them reviewed. ceph-common is one of the packages installing a setgid directory that isn't currently whitelisted: /var/log/ceph drwxrws--T from ceph-common-14.2.2.354+g8878cf2360-1.1.x86_64.rpm The secure use of this directory needs to be reviewed and if all is good a whitelisting entry in all our permission profiles must be added. -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com
-
bugzilla_noreply@suse.com