[Pkg-uml-pkgs] Bug#501046: uml-utilities: needlessly strict permissions on uml_net
Larry Doolittle
ldoolitt at recycle.lbl.gov
Fri Oct 3 15:28:15 UTC 2008
Package: uml-utilities
Version: 20070815-1.1
Severity: wishlist
Tags: patch
$ ls -l /usr/lib/uml/uml_net
-rwsr-x--- 1 root uml-net 23616 2008-04-05 06:46 /usr/lib/uml/uml_net
All's well except for the missing "r" for other. There are no secrets
in that file, as far as I can see. If a user wants to see a copy, they
can download uml-utilities_20070815-1.1_$ARCH.deb and peek inside.
The missing "r" bit prevents an unprivileged user from running debsums
(usefully) on the system -- and on my Debian sid installation at least,
that's the only such file.
The "fix" is trivial, but just so I can honestly add the "patch" flag
to this report, here is one:
--- debian/postinst.orig 2008-10-03 08:17:50.000000000 -0700
+++ debian/postinst 2008-10-03 08:17:59.000000000 -0700
@@ -33,7 +33,7 @@
fi
if ! dpkg-statoverride --list /usr/lib/uml/uml_net >/dev/null; then
- dpkg-statoverride --update --add root uml-net 04750 \
+ dpkg-statoverride --update --add root uml-net 04754 \
/usr/lib/uml/uml_net
fi
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages uml-utilities depends on:
ii adduser 3.110 add and remove users and groups
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libfuse2 2.7.4-1 Filesystem in USErspace library
ii libncurses5 5.6+20080925-1 shared libraries for terminal hand
ii libreadline5 5.2-3 GNU readline and history libraries
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
uml-utilities recommends no packages.
Versions of packages uml-utilities suggests:
pn user-mode-linux <none> (no description available)
-- no debconf information
More information about the Pkg-uml-pkgs
mailing list