Re: [PATCH] spec: Don't allow users to list problems "by hand"

Jakub Filak Mon, 02 Mar 2015 07:19:00 -0800

On Wednesday 25 of February 2015 17:29:11 Bastien Nocera wrote:
> abrt-dbus already allows users to list problems, and will make sure
> of filtering out problems that the user is not allowed to interact with.
> To avoid users knowing that particular problems are being created for
> another user, make sure that /var/tmp/abrt is not listable.
> ---
>  abrt.spec.in | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/abrt.spec.in b/abrt.spec.in
> index 53d3308..d52e66b 100644
> --- a/abrt.spec.in
> +++ b/abrt.spec.in
> @@ -728,7 +728,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor
> &>/dev/null || : %{_mandir}/man5/abrt_event.conf.5.gz
>  %config(noreplace) %{_sysconfdir}/libreport/events.d/smart_event.conf
>  %{_mandir}/man5/smart_event.conf.5.gz
> -%dir %attr(0755, abrt, abrt) %{_localstatedir}/%{var_base_dir}/%{name}
> +%dir %attr(0750, abrt, abrt) %{_localstatedir}/%{var_base_dir}/%{name}
>  %dir %attr(0700, abrt, abrt) %{_localstatedir}/spool/%{name}-upload
>  # abrtd runs as root
>  %dir %attr(0755, root, root) %{_localstatedir}/run/%{name}


Pushed. Thanks!

https://github.com/abrt/abrt/commit/61f3b160f609c112728e6cf3c55076aeabb75319
https://github.com/abrt/abrt/commit/a2933a10cd5e5e796ace5403ea8b6144ea7e7660

Re: [PATCH] spec: Don't allow users to list problems "by hand"

Reply via email to