Bug 23197 - Incorrect permissions for group on some nodes
Summary: Incorrect permissions for group on some nodes
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: dev   
(Show other bugs)
Version: 7.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
URL:
Whiteboard: Florence Beta-3
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-01-02 23:46 UTC by Chris Evans
Modified: 2008-05-01 15:37 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-01-11 21:14:27 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Chris Evans 2001-01-02 23:46:14 UTC
These commands list /dev entries which are writable by
group root:

find /dev -gid 0 -perm -20 -type c
find /dev -gid 0 -perm -20 -type b

I suspect they are errors. They are a security concern because they
could well make leaks of group root equivalent to full root access; e.g.
/dev/agpgart would be the first candidate alphabetically :)

In general, I would expect the following rules to apply:
- A /dev entry should only be writable by the group if it has a special
group (e.g. disk), or it is publicly writable.

The same argument applies to group root having read permissions as well
as write permissions.

Generalising further, these rules do not just apply to /dev, but also
pretty
much all other files or directories. I suggest a quick audit; it is just a
single
"find" command.

Comment 1 Nalin Dahyabhai 2001-01-03 05:49:35 UTC
A number of these are set this way by convention (carried over when the dev
package was overhauled).  Some of these are redundant because of pam_console,
others we'll have to look at more closely.

Comment 2 Glen Foster 2001-01-11 21:14:22 UTC
This defect is considered MUST-FIX for Florence Gold release

Comment 3 Nalin Dahyabhai 2001-01-18 04:05:20 UTC
This should all be cleaned up as of dev-3.1.0-1, which is quite a bit more
careful about group ownerships and group read/write permissions.  If this breaks
anything, I trust we'll find out in time to relax some of the restrictions or
fix some broken programs.


Note You need to log in before you can comment on or make changes to this bug.