Bug 122843
| Summary: | Bad umask logic sets default world permission of read for csh users | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Bill Gorder <w.gorder> |
| Component: | setup | Assignee: | Bill Nottingham <notting> |
| Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 9 | CC: | rvokal |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | i686 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-05-21 18:33:53 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
umask is never set to 007, in any *rc file (csh or bash); it's 002 for normal users and 022 for root. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225 Description of problem: /etc/csh.cshrc has a logic error in the setting of umask in Red Hat 9. The line in error is [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ] and should be if ( "`id -gn`" == "`id -un`" && `id -u` > 99 ) then The bad line sets umask = 002 instead of 007. It looks like bash that was not fully converted to csh Version-Release number of selected component (if applicable): setup-2.5.25-1 How reproducible: Always Steps to Reproduce: 1.copy if statement to a file (fn) 2.place "echo" before the then and else clauses so the path taken is printed 3.run csh fn where fn is the name of the file 4. Observe the error 5. Also, just create a file by any means and examine it with (ls -alt), observe that world read permissions are set. Actual Results: Error causes all files created by a user to have world read permission set (umask 002) Expected Results: Files created by a user should have no world permissions (umask 007) Additional info: To fix, replace the line [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ] with if ( "`id -gn`" == "`id -un`" && `id -u` > 99 ) then The error can be a security issue as it exposes all user information to any other user.