Bug 1421468 - overly restrictive permissions on /usr/share/doc/tripwire
Summary: overly restrictive permissions on /usr/share/doc/tripwire
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: tripwire
Version: 25
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
Assignee: Didier Fabert (tartare)
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-02-12 13:59 UTC by J. Randall Owens
Modified: 2017-03-03 23:49 UTC (History)
4 users (show)

Fixed In Version: tripwire-2.4.3.2-3.fc24 tripwire-2.4.3.2-3.fc25 tripwire-2.4.3.2-3.el6 tripwire-2.4.3.2-3.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-26 00:18:50 UTC
Type: Bug


Attachments (Terms of Use)

Description J. Randall Owens 2017-02-12 13:59:28 UTC
Description of problem:
%{_docdir}/tripwire has permissions 0644 drw-r--r--, meaning we can't read even the docs there as non-root. Paranoia about a security package like this is great, but making the docs inaccessible is rather excessive.

Version-Release number of selected component (if applicable):
tripwire-2.4.3.1-10.fc25.x86_64

How reproducible:
every time

Steps to Reproduce:
1. # dnf install tripwire
2. $ less /usr/share/doc/tripwire/README.fedora
3. $ ls -ld /usr/share/doc/tripwire

Actual results:
/usr/share/doc/tripwire/README.Fedora: Permission denied
drw-r--r--. 2 root root 4096 Dec 13 17:36 /usr/share/doc/tripwire/

Expected results:
viewing the README file; drwxr-xr-x.

Additional info:
Looking over the specfile, I haven't figured out why the x bits are removed from the perms. %defattr(0644,root,root,0755) should allow for the expected drwxr-xr-x, and I don't see anything else removing permissions there (although there's a chmod 644 on the files within the directory). Maybe it's actually an rpmbuild bug that doesn't show up in many packages since most don't set the permissions so thoroughly? . . . Looking over the contents on my own machine, there are 14 other directories there which are also drw-r--r--. So it seems possible.

Comment 1 Fedora Update System 2017-02-15 10:25:19 UTC
tripwire-2.4.3.2-3.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d22c0336d8

Comment 2 Fedora Update System 2017-02-15 10:25:48 UTC
tripwire-2.4.3.2-3.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c7cf6ea72

Comment 3 Fedora Update System 2017-02-15 10:27:39 UTC
tripwire-2.4.3.2-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5e7a3c732

Comment 4 Fedora Update System 2017-02-15 10:28:09 UTC
tripwire-2.4.3.2-3.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-5994e7b9e9

Comment 5 Fedora Update System 2017-02-16 14:15:48 UTC
tripwire-2.4.3.2-3.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-4c7cf6ea72

Comment 6 Fedora Update System 2017-02-16 17:18:29 UTC
tripwire-2.4.3.2-3.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-d22c0336d8

Comment 7 Fedora Update System 2017-02-17 00:51:32 UTC
tripwire-2.4.3.2-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5e7a3c732

Comment 8 Fedora Update System 2017-02-17 15:25:36 UTC
tripwire-2.4.3.2-3.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-5994e7b9e9

Comment 9 Fedora Update System 2017-02-26 00:18:50 UTC
tripwire-2.4.3.2-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2017-02-26 01:36:22 UTC
tripwire-2.4.3.2-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2017-03-03 23:49:25 UTC
tripwire-2.4.3.2-3.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2017-03-03 23:49:51 UTC
tripwire-2.4.3.2-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.