Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] rc.config: -----w--w- after snort-Update (fwd)
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Sat, 9 Feb 2002 19:05:41 +0100 (MET)
  • Message-id: <Pine.LNX.4.44.0202091900250.14881-100000@xxxxxxxxxxxx>
>
> After Updating snort on 30 (!) SuSE 7.2 boxes the permissions of
> /etc/rc.config
> were set to -----w--w- :-(((
>
> arber:~ # ls -l /etc/rc.config
> -rw-r--r-- 1 root root 35265 Feb 8 19:00 /etc/rc.config
>
> arber:~ # rpm -Uvh snort-1.8.1-16.i386.rpm
> snort-1.8.1-16.i386.rpm
> snort
> ##################################################
> Moving snort configuration file snort-lib to new name snort.conf.
> Convert file reference from snort-lib to snort.conf in etc/rc.config
> Updating etc/rc.config...
>
> arber:~ # ls -l /etc/rc.config
> -----w--w- 1 root root 35266 Feb 8 19:00 /etc/rc.config

I could not reproduce it on my test system here, the permissions were at
644 before and after the upgrade of the package.

We will be digging into this after the weekend, though. In the meanwhile,
I have moved the snort packages, info files and the patchfile to the
/pub/suse/i386/update/7.2/.needs_review/ directory so that it's not
available with semi-automated tools.

Please report such things to security@xxxxxxx, SuSE's primary security
contact as mentioned in every single security announcement since years.
The fact that mails on suse-security are being read is pure coincidence.

> arber:~ # rpm -q --scripts snort
> ...
> umask 644 <------------------
> mv etc/rc.config.new-snort etc/rc.config
> ...
>
> :-(((((((((((((
>
> It seems that anybody out there has problems with umask and chmod Syntax.
>
>
> Boys, what a great security Patch!!


Thanks,
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| N├╝rnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
Follow Ups
References