Bug 112787 - check for bad permissions on files
check for bad permissions on files
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: distribution (Show other bugs)
1
All Linux
low Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Bill Nottingham
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-12-31 16:23 EST by Bill Rugolsky, Jr.
Modified: 2014-03-16 22:41 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-01-02 11:32:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Bill Rugolsky, Jr. 2003-12-31 16:23:11 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
There are numerous packages that contain regular files with execute
permissions on non-executable data:

rpm -qa --dump | gawk 'NF > 6 && and(p=strtonum($(NF-6)),0111) &&
and(p,0170000) == 0100000 && $1 ~ /\.(gz|html|xml|dtd|ent|gif|bmp)$/
{print $1}'

Post-processing the output of the foregoing with

xargs -ifoobar rpm -qf --qf "%{NAME} foobar\n" foobar | gawk '{print
$1}' | sort -u

yields:

4Suite
anaconda-help
blas
brltty
ckermit
cyrus-sasl
dhclient
dhcp
dhcp-devel
docbook-dtds
giftrans
gimp-perl
gnome-applets
gnome-panel
gnome-user-docs
gnumeric
htdig
httpd-manual
iputils
irb
itcl
kbd
kernel-utils
lapack
macutils
mrtg
ntp
parted
pmake
tix
traceroute
transfig
unixODBC
vnc-server
w3c-libwww
x3270
xhtml1-dtds

This list is by no means exhaustive.


Version-Release number of selected component (if applicable):
rpm-4.2.1-0.30

How reproducible:
Didn't try

Steps to Reproduce:
1. As provided in the description.
    

Actual Results:  Lots of files have incorrect permissions.  This might
be the result of lazy use of defattr.

Expected Results:  It would be helpful if rpm warned about this and
other common permission errors (e.g., world writable files) while
packaging.

Additional info:

I didn't know where to file this meta-bug, but enhancing rpm to flag
it might eliminate most problems.
Comment 1 Jeff Johnson 2004-01-01 13:37:12 EST
rpm cannot dictate "bad permissions", has no reference template
nor well defined semantic rules to even attempt a comparison.

The problem is *not* due to
   %defattr(-,root,root)
which will use the permissions as otherwise specified.

Off to distribution for packaging policy call ...
Comment 2 Bill Nottingham 2004-01-01 23:04:27 EST
It's probably just best to file bugs against the individual packages.
Comment 3 Bill Rugolsky, Jr. 2004-01-02 11:32:05 EST
Jeff: It seems to me that if find-requires can't discern an
interpreter, it could issue a *warning*.

Bill: once there is an automated submission procedure, I'll be happy
to file the same bugs against dozens of packages. :-)

Note You need to log in before you can comment on or make changes to this bug.