[Bug 1235975] Re: Unsafe file and directory permissions
Barry Warsaw
1235975 at bugs.launchpad.net
Thu Oct 10 18:53:29 UTC 2013
I'm starting to dislike creating a safe temporary directory inside of
tempdir. Doing this causes all kinds of cascading problems with the
test suite, and with atexit handling (to ensure this temporary,
temporary directory is properly cleaned up for both graceful and
ungraceful exits).
At this late date I think it may not be worth the extra hassle,
especially in light of the comments in LP: #1233521. So I think I will
*not* do this but instead ensure that [system]tempdir is root-only
(specifically 02700).
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to system-image in Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
Status in Ubuntu system image (server/client/updater):
In Progress
Status in “system-image” package in Ubuntu:
In Progress
Bug description:
# ls -ld /var/log/system-image/
drwxrwxrwx 2 root root 4096 Sep 24 16:02 /var/log/system-image/
# ls -l /var/log/system-image/client.log
-rw-rw-rw- 1 root root 23927 Oct 6 09:11 /var/log/system-image/client.log
# ls -ld /tmp/system-image/
drwxrwxrwx 2 root root 260 Oct 6 09:11 /tmp/system-image/
Also, predictable temporary file (/tmp/system-image). This was
mentioned in bug #1233521
# system-image-cli -i
current build number: 78
device name: mako
channel: stable
last update: 2013-10-03 13:05:32
version version: 78
version ubuntu: 20131003
version device: 20131002.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-system-image/+bug/1235975/+subscriptions
More information about the foundations-bugs
mailing list