Bug#23867: Critical permissions bug on /lib and /tmp

To: dcinege@psychosis.com
Cc: Debian Testing Group <debian-testing@lists.debian.org>, 23867@bugs.debian.org
Subject: Bug#23867: Critical permissions bug on /lib and /tmp
From: apharris@burrito.onshore.com (Adam P. Harris)
Date: 26 Jun 1998 20:52:11 -0400
Message-id: <[🔎] oaiulnekec.fsf@burrito.fake>
Reply-to: apharris@burrito.onshore.com (Adam P. Harris), 23867@bugs.debian.org
In-reply-to: Brian White's message of "Fri, 26 Jun 1998 11:01:00 -0400"
References: <[🔎] 3593B7AC.27D611B6@verisim.com>

> Severity: critical
> 
> Sorry I am unable to provide an exact package or version, since I did a batch
> upgrade last night. I only know that it was caused by a package added to /hamm
> within the last week (probably the last 2-3 days)
> 
> The offending package chmod 750 /lib, screwing up everything not run as root.
> (bash, exim, cgi-bin, user accounts, etc, etc)
> I also noticed on one of the systems I upgraded, /tmp was changed to 750.
> /tmp should be 1777.
> 
> These brought my mutiuser server down to it's knees...  : P

Would it be possible to do 'grep "chmod.*750" /var/lib/dpkg/info/*',
or, failing that, 'grep "chmod.*/tmp" /var/lib/dpkg/info/*' ?

I don't see any likely offenders offhand on my system.

-- 
.....A. P. Harris...apharris@onShore.com...<URL:http://www.onShore.com/>


--  
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Bug#23867: Critical permissions bug on /lib and /tmp
  - From: Brian White <bcwhite@verisim.com>

Prev by Date: Re: Source package name for versioned libs.
Next by Date: Dependency issue of the manpages
Previous by thread: Bug#23867: Critical permissions bug on /lib and /tmp
Next by thread: Re: Bug#23867: Critical permissions bug on /lib and /tmp
Index(es):
- Date
- Thread