Bug 15454 - incorrect setuid management
Summary: incorrect setuid management
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: linuxconf   
(Show other bugs)
Version: 7.0
Hardware: i386 Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2000-08-05 02:31 UTC by mal
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-08-05 02:31:51 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description mal 2000-08-05 02:31:49 UTC
linuxconf is trying to do some permission management
on files which do not belong to the  packages the module 
was designed for.
if sendmail is removed and another mail transport agent is installed 
linuxconf is still trying to set setuid bit on execution 
for /usr/lib/sendmail , even this file 
now suppose NOT TO HAVE setuid on execution bit. set.

Linuxconf should be modified in such way that
if sendmail package is not install  - do not manage 
any permissions on sendmail files at al.

Same thing with the other sendmail modules.
If linuxconf module suppose to manage 
package A then do not touch any files 
if package A is not installed, even if some of files
have the same names as ones from package A.

Comment 1 Nalin Dahyabhai 2000-08-30 18:24:25 UTC
Fixed in linuxconf-1.19r2-4.  Linuxconf will no longer attempt to set
permissions on /usr/sbin/sendmail, but I believe that the MTA should not be
providing a binary with this name.

Comment 2 mal 2000-08-30 19:52:16 UTC
Every MTA (EXIM,QMAIL,SMAIL) provides a binary file
for compatibility with sendmail.

If they do not do this many programs
(such as mailx, pine. etc)
will stop working because they have the have
hardcoded as mail transport agent.

Note You need to log in before you can comment on or make changes to this bug.