Le dimanche 15 août 2010 à 18:06:14 (+0200), Christoph Anton Mitterer a écrit : > Date: Sun, 15 Aug 2010 18:06:14 +0200 > From: Christoph Anton Mitterer <cales...@scientia.net> > To: Debian Bug Tracking System <sub...@bugs.debian.org> > Subject: Bug#593120: /var/lib/rkhunter/tmp/ should not be group readable > Reply-To: Christoph Anton Mitterer <cales...@scientia.net>, > 593...@bugs.debian.org > > Package: rkhunter > Version: 1.3.6-4 > Severity: wishlist > > > Hi.
Hi, > As already suggested by the rkhunter documentation, the tmp-dir > /var/lib/rkhunter/tmp/ should have tight permissions. The tmp directory keeps the default rights defined by upstream. > group-rights should be removed even for the root group IMO. > As sysadmins may have deliberately removed this for some files copied there. You are right, though I would then better check that the files are copied to this directory using either 'cp -p' or 'cp -a', what do you think? This is already the case for the passwd and group files which are dealt with in the postinst script. Cheers, Julien -- Julien Valroff <jul...@kirya.net> http://www.kirya.net GPG key: 4096R/290D20C5 092F 4CB5 5F19 E006 1CFD B489 D32B 8D66 290D 20C5 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org