[Bug 594393] New: need /usr/lib/news/bin/innbind in permissions
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c0 Summary: need /usr/lib/news/bin/innbind in permissions Classification: openSUSE Product: openSUSE 11.3 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: lnussel@novell.com ReportedBy: mls@novell.com QAContact: qa@suse.de Found By: Development Blocker: --- In inn-2.5, inndstart and startinnfeed were removed, innd and nnrpd call a new setuid root binary called innbind. Thus, please add: /usr/lib/news/bin/innbind root:news 4554 I don't know if we should leave the startinnfeed/inndstart entries so that customers can use an old version as well. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|need |AUDIT-0: need |/usr/lib/news/bin/innbind |/usr/lib/news/bin/innbind |in permissions |in permissions -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c1 --- Comment #1 from Ludwig Nussel <lnussel@novell.com> 2010-04-07 16:38:51 CEST --- we're not keeping the old entries around. The new binary is new code I suppose so it's a good idea to have someone look at it. Marking bug as audit request. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|lnussel@novell.com |security-team@suse.de -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c Sebastian Krahmer <krahmer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |security-team@suse.de AssignedTo|security-team@suse.de |krahmer@novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c2 Sebastian Krahmer <krahmer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |mls@novell.com --- Comment #2 from Sebastian Krahmer <krahmer@novell.com> 2010-05-04 08:34:04 UTC --- The code is OK. But I dont know how the code could work, since the sending of the bound socket-fd is a NOP function. (We dont have the STREAMS subsystem, dont we? :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c3 Michael Schröder <mls@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|mls@novell.com | --- Comment #3 from Michael Schröder <mls@novell.com> 2010-05-04 10:08:10 UTC --- It doesn't need to send a new fd back on linux, it just binds the inherited fd from the parent process. The fd passing code is just there to confuse you ;-) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c4 --- Comment #4 from Sebastian Krahmer <krahmer@novell.com> 2010-05-05 12:26:07 UTC --- Just for curiosity, since the child (innbind) exits after the bind and there is no send_fd, how is this bound socket usable for the parent? Will bind(2)'s cross process boundary?? thats new to me. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c5 --- Comment #5 from Michael Schröder <mls@novell.com> 2010-05-05 13:08:45 UTC --- As the file descriptor is shared between processes I don't see why it shouldn't work across processes. Even seeking works across process boundaries. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c6 Sebastian Krahmer <krahmer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #6 from Sebastian Krahmer <krahmer@novell.com> 2010-06-07 07:06:10 UTC --- Nothing more to be done by us. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=594393 https://bugzilla.novell.com/show_bug.cgi?id=594393#c7 --- Comment #7 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-10-31 22:02:49 CET --- This is an autogenerated message for OBS integration: This bug (594393) was mentioned in https://build.opensuse.org/request/show/89843 Tumbleweed / permissions -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=594393 http://bugzilla.novell.com/show_bug.cgi?id=594393#c8 --- Comment #8 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (594393) was mentioned in https://build.opensuse.org/request/show/38229 Factory / permissions -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com