On Mon, Dec 07, 2009 at 08:53:22AM +1100, Nathan Scott wrote:
> ----- "Justin T Pryzby" <justinpry...@users.sourceforge.net> wrote:
>
> > Package: xfsdump
> > Version: 2.2.48-1
> > Tags: security
> >
> > Looks like this:
> > 12717634 0 drwxrwxrwx 2 root root 6 Sep 21 09:40 /var/.fsr/ag0
>
> Thanks, have begun discussions with upstream as to effects of this.
> Did you run that "ls" as root? What permissions do you see on the
> /var/.fsr (parent) directory?

That was the output of find -ls, as run by a daily root cronjob [0].
The parent is mode 700, so this is mostly a cosmetic/style issue.

just...@loki:~$ ls -ld /var/.fsr
drwx------ 82 root root 4K 2009-12-06 15:39 /var/.fsr

    mask = umask(0);
    if (mkdir(buf, 0700) < 0) {

If mkdir fails with errno==EEXIST, then fsr warns and continues.
Conceivably someone with pre-existing access to /var could create
/var/.fsr and gain access to something else they didn't have access
to, or cause data corruption while fsr is running. Normally access to
/var already implies existing root access though.

Ideally umask would either be left alone or set to 00007, 00077 or ..
and the files would be created with mode 00700 or 00750.

Thanks,
Justin

[0] find / -ignore_readdir_race \( \( -fstype nfs -o -path /proc -o -path /mnt \) -prune \) -o ! -type s ! -type c ! -type b ! -type l ! -perm -01777 -perm -00002 -ls
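The two points in the message above, umask(0) leaking into later directory creations and the unchecked EEXIST path, are easy to reproduce. The following is an added example written for this page; it is not code from xfsdump/fsr or from the bug reporter. It assumes that some later mkdir in fsr used mode 0777 while the umask was still 0 (which would explain the drwxrwxrwx ag0 in the report, but is an assumption here), and the helper names and the /tmp paths are invented for the demo.

```c
/* Added example (not from the bug report or from xfsdump/fsr itself):
 * shows why umask(0) followed by mkdir(..., 0700) leaves *later*
 * directory creations world-writable, and a hardened helper that
 * handles the EEXIST case the report describes. Helper names and the
 * /tmp paths are made up for the demo. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Create 'path' with 'mode' while the process umask is 'mask', then
 * restore the previous umask. Returns the resulting permission bits,
 * or (mode_t)-1 on error. */
mode_t mkdir_under_umask(const char *path, mode_t mask, mode_t mode)
{
    struct stat st;
    mode_t old = umask(mask);
    int rc = mkdir(path, mode);
    umask(old);
    if (rc < 0 || lstat(path, &st) < 0)
        return (mode_t)-1;
    return st.st_mode & 07777;
}

/* Hardened creation: tighten the umask instead of zeroing it, and if the
 * directory already exists (errno == EEXIST) refuse to use it unless it
 * is a real directory (not a symlink), owned by us, and has no
 * group/other permission bits. Returns 0 on success, -1 otherwise. */
int secure_mkdir(const char *path, mode_t mode)
{
    struct stat st;
    mode_t old = umask(077);              /* tighten, never loosen */
    int rc = mkdir(path, mode);
    int saved = errno;
    umask(old);
    if (rc == 0)
        return 0;
    if (saved != EEXIST)
        return -1;
    if (lstat(path, &st) < 0)             /* lstat: do not follow symlinks */
        return -1;
    if (!S_ISDIR(st.st_mode))             /* symlink or file planted at the path */
        return -1;
    if (st.st_uid != geteuid())           /* not owned by us */
        return -1;
    if (st.st_mode & (S_IRWXG | S_IRWXO)) /* group/world accessible */
        return -1;
    return 0;
}

/* Run the comparison in a fresh temp tree; returns 0 when every check
 * behaved as described, the number of failed checks otherwise. */
int demo(void)
{
    char base[] = "/tmp/fsrdemoXXXXXX";
    char p[256];
    int fails = 0;
    if (!mkdtemp(base))
        return -1;

    /* 1. umask(0): a 0777 mkdir really yields drwxrwxrwx (the ag0 case). */
    snprintf(p, sizeof p, "%s/ag0_umask0", base);
    if (mkdir_under_umask(p, 0, 0777) != 0777) fails++;

    /* 2. umask(077): the same call yields drwx------. */
    snprintf(p, sizeof p, "%s/ag0_umask077", base);
    if (mkdir_under_umask(p, 077, 0777) != 0700) fails++;

    /* 3. secure_mkdir creates a fresh directory ... */
    snprintf(p, sizeof p, "%s/fsr", base);
    if (secure_mkdir(p, 0700) != 0) fails++;
    /* ... and accepts its own pre-existing 0700 directory on a rerun. */
    if (secure_mkdir(p, 0700) != 0) fails++;

    /* 4. but rejects a pre-existing world-writable directory ... */
    snprintf(p, sizeof p, "%s/planted", base);
    mkdir_under_umask(p, 0, 0777);
    if (secure_mkdir(p, 0700) != -1) fails++;

    /* 5. ... and a symlink planted where the directory is expected. */
    snprintf(p, sizeof p, "%s/link", base);
    if (symlink("/etc", p) == 0 && secure_mkdir(p, 0700) != -1) fails++;

    return fails;
}

int main(void)
{
    int r = demo();
    printf("%s (%d failed checks)\n", r == 0 ? "ok" : "FAIL", r);
    return r;
}
```

Check 4 is the case the message worries about: a directory that already exists with the wrong mode or owner should make fsr stop, not just warn, since continuing means writing into space someone else controls. The umask(077) in secure_mkdir also means the original mkdir(buf, 0700) still produces exactly 0700, so the umask(0) was never needed for that.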