Bug 129876 - incorrect permissions set on /etc/localtime
incorrect permissions set on /etc/localtime
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: redhat-config-date (Show other bugs)
3.0
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Nils Philippsen
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-08-13 13:31 EDT by cookgb
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-12-20 16:21:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description cookgb 2004-08-13 13:31:22 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040116

Description of problem:
When the date/time configuration applet is run, the permissions on
/etc/localtime can be incorrectly set so that "others" cannot read the
file.  This leads to the date being incorrectly reported since the
correct timezone cannot be read.

The problem seems to be associated with the user's umask.  I have a
default umask of 007.  When I run the date/time applet, I am queried
to enter the root password.  After this, if I allow the applet to set
the current time, then permissions on /etc/localtime is set to 660. 
If I change my umask to 002, log out and log back in, then run the
date/time applet again, the permissions are set to 664.

Since /etc/localtime is a system file that everyone should read, it
seems wrong to use the user's umask to mask the permissions being set.

This problem may actually be in the component that supports the
querying of the root password from the user.  When this is done, the
user's umask should not be used.  Rather a "reasonable" umask should
always be used.

Version-Release number of selected component (if applicable):
redhat-config-date-1.5.22-1

How reproducible:
Always

Steps to Reproduce:
1. Ensure that .cshrc or similar init script set umask to 007.
2. Exit the current X11 session and log back in.
3. Run the Date/Time applet either from the toolbar or from the
"Systems Settings" submenu of the RedHat menu.
4. Change the allow computer to synchronize time using NTP and select
"OK" to initiate the check.
5. ls -l /etc/localtime  (Notice that others have no read permission)
    

Actual Results:  -rw-rw----    1 root     root          1267 Aug 13
13:17 /etc/localtime

Expected Results:  -rw-r--r--    1 root     root          1267 Aug 13
13:17 /etc/localtime

Additional info:
Comment 1 Nils Philippsen 2004-08-15 14:13:50 EDT
This one is already fixed in system-config-date-1.7.3.1-1 on FC3. I
plan to backport the fix.
Comment 2 Nils Philippsen 2004-08-15 14:45:19 EDT
(Or from system-config-date-1.7.3-1 onwards FWIW)
Comment 3 Nils Philippsen 2004-08-15 16:29:43 EDT
Or from 1.7.1-1 as per bug #109803...
Comment 4 Nils Philippsen 2004-08-16 09:53:23 EDT
I've built a fixed package and put it up on
http://people.redhat.com/nphilipp/BETA/redhat-config-date/ until it is
available as an update.
Comment 5 John Flanagan 2004-12-20 16:21:48 EST
An advisory has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2004-435.html

Note You need to log in before you can comment on or make changes to this bug.