Bug 398981 - overly restrictive permissions on /etc/rc.d/init.d/atd
overly restrictive permissions on /etc/rc.d/init.d/atd
Product: Fedora
Classification: Fedora
Component: at (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Marcela Mašláňová
Fedora Extras Quality Assurance
: Reopened
: 401181 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2007-11-25 21:11 EST by Yves Perrenoud
Modified: 2007-12-06 15:46 EST (History)
2 users (show)

See Also:
Fixed In Version: 3.1.10-19.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-06 15:46:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Yves Perrenoud 2007-11-25 21:11:41 EST
Description of problem:

The permission on /etc/rc.d/init.d/atd is 700. It used to be 755, all other
startup scripts in /etc/rc.d/init.d are 755. I can't see any reason "atd"
shouldn't also be 755. Other than denying a normal user the right to
legitimately inspect the startup script, it also breaks "chkconfig --list" for
non-root users.

Version-Release number of selected component (if applicable):


How reproducible:

Those are the persmissions as defined in the RPM.
Comment 1 Marcela Mašláňová 2007-11-26 03:20:51 EST
Yes, it should be 755, I'll fix it in rawhide.
Comment 2 Marcela Mašláňová 2007-11-30 09:25:47 EST
*** Bug 401181 has been marked as a duplicate of this bug. ***
Comment 3 Need Real Name 2007-11-30 09:46:44 EST
Does this mean that we will need to wait until F9 to see the fix? Or is there
any reason not just to put the fix in 'testing' and then 'updates' for F8?
Comment 4 Marcela Mašláňová 2007-11-30 09:52:32 EST
Ok, I can put it into F-8 as at-3.1.10-18.fc8, it's also fixed in devel.
Comment 5 Need Real Name 2007-11-30 10:11:15 EST
Comment 6 Ville Skyttä 2007-12-01 16:07:03 EST
Permissions of /etc/sysconfig/atd should probably also change to 644, then (no
need to restrict to root only AFAIK, and no need for executable bits).

Having them 600 doesn't appear to break anything, but is an annoyance and
results in permission denied messages for non-root users trying to read the
service's status.

--- at.spec     30 Nov 2007 14:48:49 -0000      1.60
+++ at.spec     1 Dec 2007 21:06:39 -0000
@@ -168 +168 @@
-%attr(0700,root,root)          %{_sysconfdir}/sysconfig/atd
+%attr(0644,root,root)          %{_sysconfdir}/sysconfig/atd
Comment 7 Marcela Mašláňová 2007-12-03 02:53:23 EST
Yes, sorry. That's really good point.
Comment 8 Fedora Update System 2007-12-06 15:46:57 EST
at-3.1.10-19.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.