negative group permissions?
jb
jb.1234abcd at gmail.com
Wed Feb 29 10:19:37 UTC 2012
Anton Shterenlikht <mexas <at> bristol.ac.uk> writes:
> ...
> To the best of my knowledge the security warning started
> to appear recently. For the previous 2 years or so I haven't
> seen it. Now, I didn't modify the default security scripts,
> nor the lpd system. The file is created with this permissions
> because the OS created it like this, not me. I've no idea
> why my file is 0641 instead of 0661.
I would suggest (if you can) that you change the .seq permissions to 0664 and
watch what happens to it - the purpose is to narrow down who/what changed its
mode.
Some history. logs. and some ad hoc "watch script" would do it.
>
> So, given that the lpr.c hasn't changed for years,
> perhaps the periodic scripts have, and what was
> earlier considered fine now is considered serious enough
> to issue a security warning.
>
> In any case, it seems either lpr.c needs to be changed,
> or if 0661 is necessary, then the periodic sripts need to
> be changed to ignore this file.
>
The periodic script is OK.
Here is the author's view:
http://lists.freebsd.org/pipermail/freebsd-hackers/2010-October/033256.html
jb
More information about the freebsd-current
mailing list