Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] Seccheck question
  • From: "Stefan Suurmeijer (prive)" <stefan@xxxxxxxxxxxx>
  • Date: Tue, 05 Feb 2002 10:59:12 +0100
  • Message-id: <3C5FACF0.2060006@xxxxxxxxxxxx>


Michael Dreher wrote:

On Monday, 4. February 2002 16:53, Dietrich Meyer wrote:

this morning I found the following in the weekly security check email:
(SuSE 7.3, Marc Heuse's Security Check scripts)

The following program executables are group/world writeable:
- drwx------ 5 root root 194 Fri Jan 25 11:12:01 2002 .
+ drwx------ 5 root root 194 Mon Feb 04 00:55:23 2002 .

There seem to be no filenames in these lines, somewhat suspicios.
Any ideas?


I observe the same, since ages ago (SuSE 7.0), and also the following:


The following files are suid/sgid:
+ ++ /var/lib/secchk/data/sbit.new Mon Feb 4 01:01:16 2002
- drwx------ 17 root root 2048 Jan 14 02:28 .
+ drwx------ 17 root root 2048 Feb 1 16:19 .


The following devices were added:
+ ++ /var/lib/secchk/data/devices.new Mon Feb 4 01:36:34 2002
- drwx------ root root 2048 Jan
+ drwx------ root root 2048 Feb


I guess it is a bug in the scripts.

Michael


The report seems right: if you look closely you will see the date has changed. The secchecks compare filesystem listings, and since the date is different the entry is different, and hence is reported

Stefan



< Previous Next >