Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 36992

Summary: Permissions on SWAP file
Product: [Retired] Red Hat Linux Reporter: redhat-bugs2eran
Component: anacondaAssignee: Michael Fulbright <msf>
Status: CLOSED ERRATA QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: high    
Version: 7.1CC: katzj
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-05-10 15:25:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description redhat-bugs2eran 2001-04-21 16:06:11 UTC
The 'SWAP' file (filesystem-based swap space) created by the installer has mode 0755 (-rwxr-xr-x). 
Making swapspace world-readable is a major security issue: for instance, passwords can be read from swapped-out processes.
The swap file should have mode 0600.

Reproducible: Didn't try
Steps to Reproduce:
Upgrade a RedHat 7.0 system to RedHat 7.1 using network installation.
Let there be insufficient swapspace on the system, e.g., less than available RAM.
When prompted for additional swap space, choose to create a swap file on an existing ext2 partition.

Actual Results:  SWAP file created, mode 0755.
Expected Results:  SWAP file created, mode 0600.

Comment 1 Brent Fox 2001-04-21 16:56:58 UTC
We will look into this.  Thanks for your report.

Comment 2 Brent Fox 2001-04-23 15:59:15 UTC
I have verified this behavior.

Comment 3 Brent Fox 2001-05-09 19:16:13 UTC
msf, has this issue been resolved?

Comment 4 Brent Fox 2001-05-10 15:25:05 UTC
An errata has been released to address this issue.  

Advisory ID RHSA-2001:058-04 is available at
http://www.redhat.com/support/errata/RHSA-2001-058.html


Thanks for your report.

Comment 5 Brent Fox 2001-07-05 15:29:10 UTC
*** Bug 47285 has been marked as a duplicate of this bug. ***