[Bug 1150345] New: AUDIT-1: nagios: review of setgid directory /var/spool/nagios
http://bugzilla.suse.com/show_bug.cgi?id=1150345

            Bug ID: 1150345
           Summary: AUDIT-1: nagios: review of setgid directory /var/spool/nagios
    Classification: openSUSE
           Product: openSUSE Tumbleweed
           Version: Current
          Hardware: Other
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Security
          Assignee: security-team@suse.de
          Reporter: matthias.gerstner@suse.com
        QA Contact: qa-bugs@suse.de
                CC: jsegitz@suse.com, malte.kraus@suse.com, matthias.gerstner@suse.com
          Found By: ---
           Blocker: ---

+++ This bug was initially created as a clone of Bug #1150189

Like discussed in the proactive security team we want to catch up with packages installing set*id items that haven't been whitelisted yet in the permissions package. Formerly this rpmlint check type didn't cause badness and therefore didn't require packagers to actually have them reviewed.

Nagios is one of the packages installing a setgid directory that isn't currently whitelisted:

    /var/spool/nagios drwxrwsr-x from nagios-4.4.3-3.1.i586.rpm

The secure use of this directory needs to be reviewed and if all is good a whitelisting entry in all our permission profiles must be added.

--
You are receiving this mail because:
You are on the CC list for the bug.

Matthias Gerstner <matthias.gerstner@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |1150189

http://bugzilla.suse.com/show_bug.cgi?id=1150345#c1

--- Comment #1 from Matthias Gerstner <matthias.gerstner@suse.com> ---
It turns out that this was already reviewed in bug 1028975. Johannes looked into it back then.

http://bugzilla.suse.com/show_bug.cgi?id=1150345#c2

Matthias Gerstner <matthias.gerstner@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|security-team@suse.de       |jsegitz@suse.com

--- Comment #2 from Matthias Gerstner <matthias.gerstner@suse.com> ---
I talked to Johannes and we wants to do the whitelisting.

http://bugzilla.suse.com/show_bug.cgi?id=1150345#c3

Johannes Segitz <jsegitz@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #3 from Johannes Segitz <jsegitz@suse.com> ---
Added in git and submitted to Factory

https://bugzilla.suse.com/show_bug.cgi?id=1150345#c6

--- Comment #6 from Swamp Workflow Management <swamp@suse.de> ---
openSUSE-SU-2021:1520-1: An update that solves three vulnerabilities and has 27 fixes is now available.

Category: security (moderate)
Bug References: 1028975,1029961,1093414,1133678,1148788,1150345,1150366,1151190,1157498,1160285,1160764,1161335,1161779,1163588,1167163,1169614,1171164,1171173,1171569,1171580,1171686,1171879,1171882,1173221,1174504,1175720,1175867,1178475,1178476,1183669
CVE References: CVE-2019-3687,CVE-2019-3688,CVE-2020-8013
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): permissions-20200127-lp153.24.3.1