On Sat, Dec 04, 2010 at 04:25:22PM +0800, Thomas Goirand wrote: > Package: sbox-dtc > Version: 1.11.2-1 > Severity: grave > > The file /usr/lib/cgi-bin/sbox should have the SUID bit set, as this is > the way sbox works, and also, it should be owned by the root user to > allow chroot in the vhost directory. > > The patch would be simple. Just adding this in the postinst: > > chmod u=+rwS /usr/lib/cgi-bin/sbox > chown root.root /usr/lib/cgi-bin/sbox
You probably want to use "root:root" here (that is, a colon instead of a dot) because POSIX mandates the use of the colon. People running with POSIXLY_CORRECT or _POSIX2_VERSION set in the environment will see the chmod invocation fail. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature