Bug 70768 - World writable /usr/games/Maelstrom/Maelstrom-Scores
World writable /usr/games/Maelstrom/Maelstrom-Scores
Status: CLOSED RAWHIDE
Product: Red Hat Public Beta
Classification: Retired
Component: Maelstrom (Show other bugs)
null
All Linux
high Severity medium
: ---
: ---
Assigned To: Bill Nottingham
: Security
Depends On:
Blocks: 67217
  Show dependency treegraph
 
Reported: 2002-08-04 20:55 EDT by Dax Kelson
Modified: 2014-03-16 22:29 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-08-21 02:14:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Dax Kelson 2002-08-04 20:55:50 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020712

Description of problem:
The file /usr/games/Maelstrom/Maelstrom-Scores has evil 666 permissions. This is
bad because it can be used to bypass quota restrictions, and even worse since
this file is loaded processed by the game, depending on how securely it is
processed, someone might be able to exploit any user who runs the game.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
n/a

Actual Results:  n/a

Expected Results:  n/a

Additional info:

n/a
Comment 1 Dax Kelson 2002-08-21 02:14:12 EDT
Still in Null.
Comment 2 Preston Brown 2002-08-22 22:34:43 EDT
corrected in 3.0.5-4 and later.

Note You need to log in before you can comment on or make changes to this bug.