Bug 70768

Summary: World writable /usr/games/Maelstrom/Maelstrom-Scores
Product: [Retired] Red Hat Public Beta Reporter: Dax Kelson <dkelson>
Component: MaelstromAssignee: Bill Nottingham <notting>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: nullCC: rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-08-21 06:14:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 67217    

Description Dax Kelson 2002-08-05 00:55:50 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020712

Description of problem:
The file /usr/games/Maelstrom/Maelstrom-Scores has evil 666 permissions. This is
bad because it can be used to bypass quota restrictions, and even worse since
this file is loaded processed by the game, depending on how securely it is
processed, someone might be able to exploit any user who runs the game.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
n/a

Actual Results:  n/a

Expected Results:  n/a

Additional info:

n/a
Comment 1 Dax Kelson 2002-08-21 06:14:12 UTC 
Still in Null.
Comment 2 Preston Brown 2002-08-23 02:34:43 UTC 
corrected in 3.0.5-4 and later.