[Pkg-zenoss-team] [Zenoss] #1762: [security] unsafe creation of pid/data files
Zenoss
trac at zenoss.org
Mon Jul 9 16:42:57 UTC 2007
#1762: [security] unsafe creation of pid/data files
----------------------+-----------------------------------------------------
Reporter: bzeimetz | Owner: edahl
Type: defect | Status: new
Priority: blocker | Milestone:
Component: All | Version: 2.0.1
Severity: Hours | Keywords: security
----------------------+-----------------------------------------------------
from the instance's var directory:
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenactions.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zencommand.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:09 zeneventlog.py.pid
-rw-rw-rw- 1 zenoss zenoss 10485760 2007-07-09 17:08 zenhub-1.zec
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenhub.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenmodeler.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenperfsnmp.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenping.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenprocess.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zenstatus.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zensyslog.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:08 zentrap.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:09 zenwinmodeler.py.pid
-rw-rw-rw- 1 zenoss zenoss 4 2007-07-09 17:09 zenwin.py.pid
640 is a way better mode here, we don't want to allow every fool to mess
with our daemons.
--
Ticket URL: <http://dev.zenoss.com/trac/ticket/1762>
Zenoss <http://example.com/>
Zenoss Monitoring System
More information about the Pkg-zenoss-team
mailing list