Date: Thu, 10 Oct 2002 18:47:36 -0600 (MDT)
From: Lyndon Nerenberg
Message-Id: <200210110047.g9B0laqw008552@orthanc.ab.ca>
To: hubs@freebsd.org
Subject: Questionable ISO modes on ftp2

The permissions for the 4.7 i386 ISO images on ftp2 are:

150 Opening ASCII mode data connection for '/bin/ls'.
total 5487666
-rw-rw-r--  1 root   65532  639729664 Oct  9 22:11 4.7-disc1.iso
-rw-rw-r--  1 65532  65532  666075136 Oct  9 07:17 4.7-disc2.iso
-rw-rw-r--  1 65532  65532  654835712 Oct  8 10:13 4.7-disc3.iso
-rw-rw-r--  1 65532  65532  648937472 Oct  8 10:47 4.7-disc4.iso
-rw-rw-r--  1 root   65532  198672384 Oct  9 23:07 4.7-mini.iso
-rw-rw-r--  1 root   65532        274 Oct  9 23:19 CHECKSUM.MD5
226 Transfer complete.

These look a bit dangerous. While ftpd might be configured read-only, the non-root [gu]ids that have write access to the images make me nervous.

So, this is a gentle nudge to the FTP site admins to take a look at the distribution files on your servers and make sure the permissions are reasonable (especially in light of the recent sendmail distributions compromise).

While trolling through some other servers, ftp9 shows:

-rw-rw-r--  1 ftpuser  ftpusers  639729664 Oct  9 17:11 4.7-disc1.iso
-rw-rw-r--  1 ftpuser  ftpusers  666075136 Oct  9 02:17 4.7-disc2.iso
-rw-rw-r--  1 ftpuser  ftpusers  654835712 Oct  8 05:13 4.7-disc3.iso
-rw-rw-r--  1 ftpuser  ftpusers  648937472 Oct  8 05:47 4.7-disc4.iso
-rw-rw-r--  1 ftpuser  ftpusers  198672384 Oct  9 18:07 4.7-mini.iso
-rw-rw-r--  1 ftpuser  ftpusers        274 Oct  9 18:19 CHECKSUM.MD5
226 Listing completed.

So maybe the distribution files on ftp-master had mode 664 to begin with?

--lyndon
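
The permission check asked for in the message above, as an added example that is not part of the original post: a Python parser for `ls -l`-style FTP listings that flags regular files writable by an owner or group outside a trusted set. The function name, the trusted owner/group defaults and the sample listing (modeled on the one quoted above, with one line changed to a clean case) are assumptions constructed for illustration.

```python
import re

# Constructed sample, modeled on the listing in the message; the last line
# is altered to mode 644 root:wheel so the audit has a clean case to pass.
SAMPLE_LISTING = """\
150 Opening ASCII mode data connection for '/bin/ls'.
total 5487666
-rw-rw-r--  1 root   65532  639729664 Oct  9 22:11 4.7-disc1.iso
-rw-rw-r--  1 65532  65532  666075136 Oct  9 07:17 4.7-disc2.iso
-rw-r--r--  1 root   wheel        274 Oct  9 23:19 CHECKSUM.MD5
226 Transfer complete.
"""

# type, 9 permission chars, optional ACL marker, links, owner, group, size,
# three date/time fields, then the file name (may contain spaces).
LIST_RE = re.compile(
    r"^(?P<type>[-dlbcps])(?P<perm>[rwxsStT-]{9})[+@.]?\s+\d+\s+"
    r"(?P<owner>\S+)\s+(?P<group>\S+)\s+(?P<size>\d+)\s+"
    r"\S+\s+\S+\s+\S+\s+(?P<name>.+)$"
)

def audit_listing(text, trusted_owners=("root", "0"), trusted_groups=("wheel", "0")):
    """Return (name, [reasons]) for each regular file that an identity
    outside the trusted sets is allowed to modify."""
    findings = []
    for line in text.splitlines():
        m = LIST_RE.match(line.strip())
        if not m or m["type"] != "-":
            continue  # skip 'total', FTP status lines, directories, symlinks
        perm, owner, group = m["perm"], m["owner"], m["group"]
        reasons = []
        if perm[1] == "w" and owner not in trusted_owners:
            reasons.append(f"owner {owner} can write")
        if perm[4] == "w" and group not in trusted_groups:
            reasons.append(f"group {group} can write")
        if perm[7] == "w":
            reasons.append("world-writable")
        if reasons:
            findings.append((m["name"], reasons))
    return findings

if __name__ == "__main__":
    for name, reasons in audit_listing(SAMPLE_LISTING):
        print(f"{name}: {'; '.join(reasons)}")
```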