[Bug 632250] New: /etc/at.deny has wrong account name www-data
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c0 Summary: /etc/at.deny has wrong account name www-data Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: x86-64 OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jens.herden@email.de QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.8) Gecko/20100723 SUSE/3.6.8-0.1.1 Firefox/3.6.8 In /etc/at.deny is an account www-data but the account on Suse for Apache is wwwrun! www-data is the account on Debian-like systems. I have not checked the other accounts. Reproducible: Always -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c yang xiaoyu <xyyang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xyyang@novell.com AssignedTo|bnc-team-screening@forge.pr |crrodriguez@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c1 Cristian Rodríguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEW |ASSIGNED --- Comment #1 from Cristian Rodríguez <crrodriguez@novell.com> 2010-08-19 03:40:15 UTC --- Ouch, confirmed, at.deny is bugged as hell, almost all accounts mentioned there are invalid in SUSE. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c2 Cristian Rodríguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de --- Comment #2 from Cristian Rodríguez <crrodriguez@novell.com> 2010-09-22 03:20:08 UTC --- Currently we have no list of all possible system users created by packages, so providing a complete "blacklist" is not possible atm. The blacklist approach is by itself a very bad idea, I strongly suggest you if you want to disallow at usage use /etc/at.allow whitelist instead. Unless we can collect a full blacklist, with all possible entries, or the security team has a better idea, I will close this bug as WONTFIX. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c3 --- Comment #3 from Ludwig Nussel <lnussel@novell.com> 2010-09-22 09:20:23 CEST --- yeah, the list is fairly incomplete. Even if we had a list of all system users created via packages (which would be a good thing) we still wouldn't know if those users maybe actually should be allowed to use at. We could nevertheless ship a 'correct' list i.e. valid suse user names (see /var/adm/fillup-templates/passwd.aaa_base). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=632250 https://bugzilla.novell.com/show_bug.cgi?id=632250#c4 Cristian Rodríguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |FIXED --- Comment #4 from Cristian Rodríguez <crrodriguez@novell.com> 2010-09-28 04:32:23 UTC --- Fixed, 11.4 only SR#49297 This blacklist approach is doomed anyway.. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=632250 http://bugzilla.novell.com/show_bug.cgi?id=632250#c5 --- Comment #5 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (632250) was mentioned in https://build.opensuse.org/request/show/49301 Factory / at -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com