Your message dated Sat, 26 Feb 2011 01:02:11 +0000
with message-id <[email protected]>
and subject line Bug#317329: fixed in tiger 1:3.2.3-7
has caused the Debian Bug report #317329,
regarding initscripts: should /dev/shm have restricted permissions?
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
317329: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317329
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: initscripts
Version: 2.86.ds1-1
Severity: normal
Tags: patch
on my system, /dev/shm is mounted with the same defaults as /tmp:
ls -ld /tmp/ /dev/shm/
drwxrwxrwt 3 root root 60 2005-07-07 11:11 /dev/shm/
drwxrwxrwt 7 root root 384 2005-07-07 11:25 /tmp/
is it a security risk to allow any and all users permission to write to
/dev/shm?
a patch is attached to restrict the permissions in
/etc/init.d/mountvirtfs, if it is deemed necessary.
live well,
vagrant
-- System Information:
Debian Release: 3.1
Architecture: i386 (i586)
Kernel: Linux 2.6.8-2-386
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages initscripts depends on:
ii coreutils 5.2.1-2 The GNU core utilities
ii dpkg 1.10.28 Package maintenance system for Deb
ii e2fsprogs 1.37-2sarge1 ext2 file system utilities and lib
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii mount 2.12p-4 Tools for mounting and manipulatin
ii util-linux 2.12p-4 Miscellaneous system utilities
-- no debconf information
--- /etc/init.d/mountvirtfs 2004-07-29 05:15:25.000000000 -0600
+++ /home/vagrant/mountvirtfs 2005-07-07 11:22:12.536673352 -0600
@@ -207,9 +207,15 @@
# max size using /etc/default/tmpfs to prevent tmpfs from using
# up all system memory.
#
+tmpfs_opt="-omode=0755"
if [ -n "$TMPFS_SIZE" ]
then
- tmpfs_opt="-osize=${TMPFS_SIZE}"
+ if [ -n "$tmpfs_opt" ]
+ then
+ tmpfs_opt="${tmpfs_opt},size=${TMPFS_SIZE}"
+ else
+ tmpfs_opt="-osize=${TMPFS_SIZE}"
+ fi
fi
domount tmpfs shmfs /dev/shm $tmpfs_opt
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: tiger
Source-Version: 1:3.2.3-7
We believe that the bug you reported is fixed in the latest version of
tiger, which is due to be installed in the Debian FTP archive:
tiger-otheros_3.2.3-7_i386.deb
to main/t/tiger/tiger-otheros_3.2.3-7_i386.deb
tiger_3.2.3-7.diff.gz
to main/t/tiger/tiger_3.2.3-7.diff.gz
tiger_3.2.3-7.dsc
to main/t/tiger/tiger_3.2.3-7.dsc
tiger_3.2.3-7_i386.deb
to main/t/tiger/tiger_3.2.3-7_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[email protected]> (supplier of updated tiger
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 26 Feb 2011 01:45:50 +0100
Source: tiger
Binary: tiger tiger-otheros
Architecture: source i386
Version: 1:3.2.3-7
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <[email protected]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[email protected]>
Description:
tiger - Report system security vulnerabilities
tiger-otheros - Scripts to run Tiger in other operating systems
Closes: 317329 581266 603338 609203 615052
Changes:
tiger (1:3.2.3-7) unstable; urgency=low
.
* debian/control:
- Add Recommends to tripwire | aide
- Review package description
* Update to latest CVS:
- [multiple files] Fix spelling (Closes: #609203)
- systems/Linux/2/config: Add /dev/shm and /lib/init/rw to the writable
filesystems (common tmpfs) (Closes: #317329, #603338)
- systems/Linux/2/gen_mounts: Added xenfs as a valid filesystem
(Closes: #615052)
- Apply patch by Timo Lindfors to add support for SHA-512 passwords
(This is the default used in Debian GNU/Linux squeeze and later releases)
(Closes: #581266)
Checksums-Sha1:
76a7547dbec8222679857e37cf0fa55c2a20266b 1111 tiger_3.2.3-7.dsc
40e48e2880ea11592cf66d5a57fec124c9d40101 65332 tiger_3.2.3-7.diff.gz
8918e9d65ff3054681b4d5d130ef473466b33af2 657960 tiger_3.2.3-7_i386.deb
c2aa7c4ddb9e80762af387a53b2c418ad31201da 484506 tiger-otheros_3.2.3-7_i386.deb
Checksums-Sha256:
4e645a8c1124f532cbd71c1008cfea2826d9c0eb2d74c1a2f8c466ab8473c44b 1111
tiger_3.2.3-7.dsc
b2baa78bb1d79353cf720305e8a30b0ac39556be5a43340677c8f2be3338a77d 65332
tiger_3.2.3-7.diff.gz
526ede3b62cc785704a2ed514da39598157757cc5bf8416460c0f698a20c5895 657960
tiger_3.2.3-7_i386.deb
ff63dba2312da1b91056b7ad3a929bf10aa20004db6d9c3c7bd23764c0d6b0e0 484506
tiger-otheros_3.2.3-7_i386.deb
Files:
3e8bd2571852942a4960be8d3d6db7d6 1111 admin optional tiger_3.2.3-7.dsc
38e6a6951a4b7858e7850784971e3c7e 65332 admin optional tiger_3.2.3-7.diff.gz
369d1d0d78594b5b620d27eed792c0ce 657960 admin optional tiger_3.2.3-7_i386.deb
a775da7c184aedb513c267474d7ff719 484506 admin optional
tiger-otheros_3.2.3-7_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFNaFAZsandgtyBSwkRAs7IAJ95r0LSyWgvXvW4YXQJUKYqIAMjtgCeJv6D
z3rO478T3dTLMykt9mdMXJY=
=fWpU
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Pkg-sysvinit-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/pkg-sysvinit-devel
