Bug 828447

Summary: CVE-2012-5605 Cloudforms grinder: /var/lib/pulp/cache/grinder directory is world-writeable.
Product: Red Hat Satellite Reporter: james labocki <jlabocki>
Component: Configuration ManagementAssignee: Pradeep Kilambi <pkilambi>
Status: CLOSED ERRATA QA Contact: Garik Khachikyan <gkhachik>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0.0CC: bkearney, dmacpher, gkhachik, inecas, jsherril, lzap, mkoci, mmccune, omaciel, snansi
Target Milestone: UnspecifiedKeywords: SecurityTracking, Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Release Note
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-04 19:46:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 882138    

Description james labocki 2012-06-04 18:19:23 UTC 
Description of problem:
The /var/lib/pulp/cache/grinder directory is world-writeable
Comment 1 Justin Sherrill 2012-06-04 20:23:56 UTC 
This might be a blocker of  https://bugzilla.redhat.com/show_bug.cgi?id=813571.  at a minimum it provides more information.
Comment 2 Justin Sherrill 2012-06-04 20:35:07 UTC 
Errr, i meant dupe, not blocker.
Comment 3 Mike McCune 2012-06-13 15:31:49 UTC 
gofer != grinder so I'd say this isn't a dupe.
Comment 5 Lukas Zapletal 2012-06-26 08:23:42 UTC 
We are able to fix this in our installer, but I guess it's better to change this in the RPM itself.
Comment 6 Pradeep Kilambi 2012-07-05 13:12:21 UTC 
fixed in grinder in commit 41ae9d47c4e3db84b5637cc6b6bdd001a7bdc47e

after fix:

# ls -ld /var/lib/pulp/cache/grinder/
drwxr-x---. 3 apache apache 4096 Jul  5 09:12 /var/lib/pulp/cache/grinder/
Comment 8 Garik Khachikyan 2012-09-19 11:48:56 UTC 
# REOPEN

I have got the grinder version of: grinder-0.0.149-1.el6cf.noarch and it is _not_ fixed.

One can see: 
drwxrwxrwx. 3 apache apache 4096 Sep 19 07:46 /var/lib/pulp/cache/grinder/
Comment 13 Garik Khachikyan 2012-10-03 15:15:50 UTC 
# VERIFIED

... and grinder-0.0.150-1.el6cf.noarch has the fix!

now one can see:
---
drwxr-x---. 3 apache apache 4096 Oct  3 11:02 /var/lib/pulp/cache/grinder/
---

checked on:
katello-1.1.12-12.el6cf.noarch
katello-cli-1.1.8-6.el6cf.noarch
grinder-0.0.150-1.el6cf.noarch
Comment 20 errata-xmlrpc 2012-12-04 19:46:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-1543.html