Bug#413151: tzdata: /etc/localtime is created non-readable
Package: tzdata
Version: 2006p-1
Severity: important
Tags: patch
The postinstall script for tzdata creates the /etc/localtime file with
permissions 0600 which prevents users of the system from determining
the localtime. The attached patch ensures that after copying the
timezone information file to /etc/localtime the permissions are set
such that users of the system can access the file. This happens
because the umask is set to 0066 when the file is created.
diff -Naur tzdata-2006p/debian/postinst tzdata-2006p-mod/debian/postinst
--- tzdata-2006p/debian/postinst 2007-03-02 15:33:34.000000000 -0500
+++ tzdata-2006p-mod/debian/postinst 2007-03-02 15:32:48.000000000 -0500
@@ -70,6 +70,7 @@
# zic -l $timezone
rm -f /etc/localtime && \
cp -f /usr/share/zoneinfo/$timezone /etc/localtime
+ chmod 0644 /etc/localtime
zone_banner
# Handle problem caused by lame old tzconfig.
elif [ "$timezone" = "US/Pacific-New" ]
@@ -78,6 +79,7 @@
# zic -l US/Pacific
rm -f /etc/localtime && \
cp -f /usr/share/zoneinfo/US/Pacific /etc/localtime
+ chmod 0644 /etc/localtime
zone_banner
else
set_timezone
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
-- no debconf information
Reply to: