Hello community, here is the log from the commit of package permissions checked in at Tue Jun 27 18:27:36 CEST 2006. -------- --- permissions/permissions.changes 2006-05-19 15:49:14.000000000 +0200 +++ permissions/permissions.changes 2006-06-27 08:21:21.000000000 +0200 @@ -1,0 +2,5 @@ +Tue Jun 27 08:21:00 CEST 2006 - lnussel@suse.de + +- remove setuid bit on gpg (#137562) + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ permissions.spec ++++++ --- /var/tmp/diff_new_pack.KrwxWc/_old 2006-06-27 18:27:08.000000000 +0200 +++ /var/tmp/diff_new_pack.KrwxWc/_new 2006-06-27 18:27:08.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package permissions (Version 2006.5.19) +# spec file for package permissions (Version 2006.6.27) # # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -14,7 +14,7 @@ License: GPL Group: Productivity/Security Autoreqprov: on -Version: 2006.5.19 +Version: 2006.6.27 Release: 1 Provides: aaa_base:/etc/permissions Requires: /sbin/SuSEconfig @@ -76,6 +76,8 @@ /var/adm/fillup-templates/sysconfig.security %changelog -n permissions +* Tue Jun 27 2006 - lnussel@suse.de +- remove setuid bit on gpg (#137562) * Fri May 19 2006 - lnussel@suse.de - add get_printing_ticket in order to enable smb printing with kerberos authentication (#177114) ++++++ permissions.easy ++++++ --- permissions/permissions.easy 2006-05-19 15:47:29.000000000 +0200 +++ permissions/permissions.easy 2006-06-27 08:20:45.000000000 +0200 @@ -84,12 +84,6 @@ # still to be converted to utempter /opt/gnome/lib/vte/gnome-pty-helper root:tty 2755 -# gpg cannot pin memory into the ram using mlock(2) if not suid. -# In memory pressure conditions, memory pages containing sensitive information -# can be paged to disk. -# the suid bit also removes gpg's complaints wrt the insecure memory. -/usr/bin/gpg root:root 4755 - # # mixed section: # ++++++ permissions.paranoid ++++++ --- permissions/permissions.paranoid 2006-05-19 15:48:03.000000000 +0200 +++ permissions/permissions.paranoid 2006-06-27 08:20:58.000000000 +0200 @@ -99,16 +99,6 @@ # still to be converted to utempter /opt/gnome/lib/vte/gnome-pty-helper root:tty 0755 -# gpg cannot pin memory into the ram using mlock(2) if not suid. -# In memory pressure conditions, memory pages containing sensitive information -# can be paged to disk. -# the suid bit also removes gpg's complaints wrt the insecure memory. -# in permissions.paranoid, we remove the setuid bit following the rationale -# described near the top of the file. -/usr/bin/gpg root:root 0755 - - - # # mixed section: most of it is disabled in this permissions.secure: # ++++++ permissions.secure ++++++ --- permissions/permissions.secure 2006-05-19 15:47:38.000000000 +0200 +++ permissions/permissions.secure 2006-06-27 08:20:50.000000000 +0200 @@ -122,15 +122,6 @@ # still to be converted to utempter /opt/gnome/lib/vte/gnome-pty-helper root:tty 2755 -# gpg cannot pin memory into the ram using mlock(2) if not suid. -# In memory pressure conditions, memory pages containing sensitive information -# can be paged to disk. -# the suid bit also removes gpg's complaints wrt the insecure memory. -/usr/bin/gpg root:root 4755 - - - - # # mixed section: most of it is disabled in this permissions.secure: # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit-unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit-help@opensuse.org