Mailinglist Archive: opensuse-bugs (4675 mails)

< Previous Next >
[Bug 642231] New: permissions are too permissive by far for /etc/sysconfig/network/ifcfg-*
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 28 Sep 2010 08:58:03 +0000
  • Message-id: <bug-642231-21960@xxxxxxxxxxxxxxxxxxxxxxxx/>

Summary: permissions are too permissive by far for
Classification: openSUSE
Product: openSUSE 11.3
Version: Final
Platform: Other
OS/Version: openSUSE 11.3
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Basesystem
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: dieter.jurzitza@xxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:
Gecko/20100626 SUSE/3.6.6-1.1 Firefox/3.6.6

The permissions of the files above default to root.root 0644, what is very bad
IMHO. Given ifcfg-eth1 would be a wireless lan card, the password can be found
without encryption in this file - world readable.
This should not be the case IMHO and is a severe security violation. Please fix
The permissions ought to be 0400 with root.root, nothing else.

Reproducible: Always

Steps to Reproduce:
1. Configure wireless card from within yast
2. check the permissions of /etc/sysconfig/network/ifcfg-*
3. should not be the case
Actual Results:
see above

Expected Results:
secure permission settings

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >