Hi Rafael, Not familiar with this code segment. But when openhpi* is installed, it creates /var/lib/openhpi with 755 permissions. Just tested it. Please let me know if that is not the case with steps to recreate the problem (777 permissions on /var/lib/openhpi)
Thanks Mohan On Tue, 2015-06-23 at 12:40 -0400, Rafael dos Santos wrote: > Hi, > > is there any reason why the directory '/var/lib/openhpi' is created with > world-writable permissions? > > from Makefile.am (line 134): > $(mkinstalldirs) $(DESTDIR)$(VARPATH) > chmod 777 $(DESTDIR)$(VARPATH) > > An attacker could use it to fill up the storage hosting the /var/lib/ > directory if quotas are not properly set. > > > Att. > -- > Rafael Fonseca > > ------------------------------------------------------------------------------ > Monitor 25 network devices or servers for free with OpManager! > OpManager is web-based network management software that monitors > network devices and physical & virtual servers, alerts via email & sms > for fault. Monitor 25 devices for free with no restriction. Download now > http://ad.doubleclick.net/ddm/clk/292181274;119417398;o > _______________________________________________ > Openhpi-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openhpi-devel ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ Openhpi-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openhpi-devel
