[Pkg-libvirt-maintainers] Bug#632332: Bug#632332: libvirt-bin: directory permissions differ from upstream
Guido Günther
agx at sigxcpu.org
Sat Jul 23 09:53:37 UTC 2011
On Fri, Jul 01, 2011 at 10:08:47AM -0400, Jim Paris wrote:
> Package: libvirt-bin
> Version: 0.9.2-5
> Severity: normal
>
> On the libvirt mailing list, I noticed this patch:
>
> http://www.redhat.com/archives/libvir-list/2011-May/msg01367.html
> Subject: [PATCH] libvirt.spec: /var/cache/libvirt should be 0711.
>
> I was curious to see if this packaging change made its way to Debian,
> but it seems that we don't set _any_ of the permissions like the .spec
> file does. The particular bug they were trying to fix likely doesn't
> exist in Debian because our /var/cache/libvirt is already overly
> permissive, but this seems like an oversight and can be a potential
> security issue (information leakage due to default 0755 rather than
> the more restrictive permissions that the .spec file lists).
Looking at the dirs I dont' think were're actually leaking information
at the moment but it might be better to stay close to upstream in case
it puts sensible files there.
Thanks,
-- Guido
More information about the Pkg-libvirt-maintainers
mailing list