Bug 333041 - Displays /var/log/audit on user desktop
Summary: Displays /var/log/audit on user desktop
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: gnome-vfs2
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Alexander Larsson
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: F8Blocker
TreeView+ depends on / blocked
 
Reported: 2007-10-15 19:10 UTC by Steve Grubb
Modified: 2007-11-30 22:12 UTC (History)
1 user (show)

Fixed In Version: 2.20.0-2.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-10-16 15:30:37 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
proposed patch (295 bytes, patch)
2007-10-16 00:18 UTC, David Zeuthen 		no flags Details | Diff
View All

Description Steve Grubb 2007-10-15 19:10:09 UTC 
Description of problem:
Some desktop component has decided to display /var/log/audit partition as an
icon on a normal user's desktop. /var/log/audit is root root 0750. Nobody but
root should be able to see into that directory and it should not be on a desktop
since there are specific utilities to access and process audit logs.

Steps to Reproduce:
1. When installing a system, create a /var/log/audit partition
2. Boot system and login as normal user
3. Desktop icon is created for a system directory.

Additional Info:
Users that click on the icon will likely trip some security rules and be spotted
as someone trying to access unauthorized system areas. We should remove this so
they do not get themselves in trouble.
Comment 1 David Zeuthen 2007-10-15 23:15:05 UTC 
I'm not sure this is a bug; if the user created /var/log/audit as a separate
partition it will get shown in the UI like any other partition that a) is not in
a FHS2.3 location; and b) is mounted.

We could avoid showing partitions that are not readable for normal users but I
think if the user went through the trouble of creating a partition he probably
wants to see it too.

Reassigning to gnome-vfs2 since that is the component that decides what to show
on your desktop. Adding myself as Cc for further discussion.
Comment 2 Steve Grubb 2007-10-15 23:58:51 UTC 
Thanks for moving this to the right component.  :)

It is a bug. Suppose an admin creates this partition to follow Red Hat security
guidelines. The partition can only be accessed by root and there are
restrictions via selinux policy on the directory and its files. There are audit
rules to look for anyone that may try to access or tamper with the audit logs.

Meanwhile some unsuspecting user is given a fresh desktop to use and they see
this icon for /var/log/audit. They will not be able to access it, they will
trigger watches that the security officer will notice, and they only clicked on
it because it was on their desktop and they wondered what it was. We need to
remove temptation and also not advertise that the audit system is in use.

As for that standard quoted above, this should be added to it if no one has
taken it to the standards group yet. Who would I need to talk to about getting
this added to the standard? The audit logs are the storage place for all
security relevant events and must be treated carefully.
Comment 3 David Zeuthen 2007-10-16 00:18:16 UTC 
Created attachment 228041 [details]
proposed patch

Steve, does this patch work for you? 

Alex: We should probably rethink this when we switch to gvfs...
Comment 4 David Zeuthen 2007-10-16 00:33:22 UTC 
I've built gnome-vfs2 with this patch; you can get i686 and .src rpms here

http://people.freedesktop.org/~david/gnome-vfs2-ignore-var-log-audit/
Comment 5 Matthias Clasen 2007-10-16 01:24:01 UTC 
Looks like an easy enough patch; should probably get this in F8.
Comment 6 Steve Grubb 2007-10-16 15:27:52 UTC 
Testing with the srpm shows that this fixes the problem. Thanks.
Comment 7 David Zeuthen 2007-10-16 15:30:37 UTC 
Building this fix into Rawhide:
http://koji.fedoraproject.org/koji/taskinfo?taskID=198260
Note You need to log in before you can comment on or make changes to this bug.