Mailinglist Archive: opensuse-bugs (4067 mails)

< Previous Next >
[Bug 683017] SuSEconfig fails to set permissions

https://bugzilla.novell.com/show_bug.cgi?id=683017

https://bugzilla.novell.com/show_bug.cgi?id=683017#c5


Michael Monnerie <novell-web@xxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |novell-web@xxxxxx

--- Comment #5 from Michael Monnerie <novell-web@xxxxxx> 2011-08-09 06:23:07
UTC ---
I want to comment on this as I just got aware of it now. You're playing
dangerous if you change a behaviour that has been there for years. Also, the
comment in /etc/sysconfig/security (security!!!):

# SuSEconfig can call chkstat to check permissions and ownerships for
# files and directories (using /etc/permissions).
# Setting to "set" will correct it, "warn" produces warnings, if
# something strange is found. Disable this feature with "no".
#
CHECK_PERMISSIONS="set"

But despite having it set to "set", it doesn't do that anymore. The current
ignorance of this "set" option puts security of openSUSE installations at risk,
and broke things for us. We only found that now, as we have lots of automation
tools to do the administration of the systems. Changing a security feature
without any big warning sign in the release notes is BAD, BAD, BAD, don't do
that.

It's OK if you want to get rid of SuSEconfig.permissions, but please don't
break existing things, or at least update /etc/sysconfig/security, and change
the comment there.

Also, I'd be interested to know what you want to offer instead
"SuSEconfig.permissions". There will be some other way to easily configure file
security, right? I don't understand why you have to break things now.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
This Thread
  • No further messages