Bug#868730: rkhunter: /var/lib/rkhunter/tmp shouldn't be world-readable

Subject: Bug#868730: rkhunter: /var/lib/rkhunter/tmp shouldn't be world-readable
From: calestyo@scientia.net (Christoph Anton Mitterer)
Date: Tue, 18 Jul 2017 03:34:45 +0200
Message-id: <[🔎] 150034168580.4764.2312279100491147060.reportbug@heisenberg.scientia.net>

Package: rkhunter
Version: 1.4.4-2
Severity: normal
Tags: security


Hi.

I think this was even the case previously:
/var/lib/rkhunter/tmp should be only readable/listable by root:root.

rkhunter makes temp copies of security relevant files there, and while
right now the copies it makes have safe permissions, leaving this dir
world-readable for no good reason just calls for an error that can be
exploited in some way.

Cheers,
Chris.

Reply to:

Prev by Date: Bug#868677: libopenvas9: radius support is not compiled within, so the radius options will fail
Next by Date: Bug#868677: marked as done (libopenvas9: radius support is not compiled within, so the radius options will fail)
Previous by thread: Bug#868123:
Next by thread: grr 3.1.0.2+dfsg-3 MIGRATED to testing
Index(es):
- Date
- Thread