Bug#23867: Critical permissions bug on /lib and /tmp
> Severity: critical
>
> Sorry I am unable to provide an exact package or version, since I did a batch
> upgrade last night. I only know that it was caused by a package added to /hamm
> within the last week (probably the last 2-3 days)
>
> The offending package chmod 750 /lib, screwing up everything not run as root.
> (bash, exim, cgi-bin, user accounts, etc, etc)
> I also noticed on one of the systems I upgraded, /tmp was changed to 750.
> /tmp should be 1777.
>
> These brought my mutiuser server down to it's knees... : P
Would it be possible to do 'grep "chmod.*750" /var/lib/dpkg/info/*',
or, failing that, 'grep "chmod.*/tmp" /var/lib/dpkg/info/*' ?
I don't see any likely offenders offhand on my system.
--
.....A. P. Harris...apharris@onShore.com...<URL:http://www.onShore.com/>
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: