Date: Wed, 29 Feb 2012 10:19:21 +0000 (UTC) From: jb <jb.1234abcd@gmail.com> To: freebsd-current@freebsd.org Subject: Re: negative group permissions? Message-ID: <loom.20120229T111136-48@post.gmane.org> References: <20120228092244.GB48977@mech-cluster241.men.bris.ac.uk> <loom.20120228T155607-690@post.gmane.org> <20120228162447.GB58311@mech-cluster241.men.bris.ac.uk> <20120229072458.GA95427@DataIX.net> <20120229085716.GA66484@mech-cluster241.men.bris.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Anton Shterenlikht <mexas <at> bristol.ac.uk> writes: > ... > To the best of my knowledge the security warning started > to appear recently. For the previous 2 years or so I haven't > seen it. Now, I didn't modify the default security scripts, > nor the lpd system. The file is created with this permissions > because the OS created it like this, not me. I've no idea > why my file is 0641 instead of 0661. I would suggest (if you can) that you change the .seq permissions to 0664 and watch what happens to it - the purpose is to narrow down who/what changed its mode. Some history. logs. and some ad hoc "watch script" would do it. > > So, given that the lpr.c hasn't changed for years, > perhaps the periodic scripts have, and what was > earlier considered fine now is considered serious enough > to issue a security warning. > > In any case, it seems either lpr.c needs to be changed, > or if 0661 is necessary, then the periodic sripts need to > be changed to ignore this file. > The periodic script is OK. Here is the author's view: http://lists.freebsd.org/pipermail/freebsd-hackers/2010-October/033256.html jb
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?loom.20120229T111136-48>