[Adduser-devel] Bug#430637: adduser: Incorrect mode when deluser generate archives
Vincent Danjean
vdanjean at debian.org
Tue Jun 26 08:25:23 UTC 2007
Package: adduser
Version: 3.103
Severity: important
Tags: patch
When generating a archive (BACKUP = 1) with deluser, the perl program
set the umask to 600 (decimal number, = 01130 in octal) instead of 0600
(octal number). This lead to an archive with the permissions set to
---x-wx--T
You must change the "chmod 600" to "chmod 0600" in /usr/sbin/deluser
I set the severity to important because this can have security issues
(but I'm not sure of that)
Best regards,
Vincent
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-rc5-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages adduser depends on:
ii cdebconf [debconf-2.0] 0.116 Debian Configuration Management Sy
ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii passwd 1:4.0.18.1-9 change and administer password and
ii perl-base 5.8.8-7 The Pathologically Eclectic Rubbis
adduser recommends no packages.
-- debconf information:
* adduser/homedir-permission: true
More information about the Adduser-devel
mailing list