Subject: misc/18670: lastlog has bad permissions by default
To: None <gnats-bugs@gnats.netbsd.org>
From: None <xs@kittenz.org>
List: netbsd-bugs
Date: 10/16/2002 13:38:52
>Number: 18670
>Category: misc
>Synopsis: lastlog has bad permissions by default
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: misc-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Oct 16 06:11:03 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 1.6I
>Organization:
>Environment:
System: NetBSD stasis 1.6I NetBSD 1.6I (STASIS) #8: Thu Oct 10 13:02:47 BST 2002 xs@stasis:/usr/src/sys/arch/i386/compile/STASIS i386
Architecture: i386
Machine: i386
/usr/src/etc/Makefile:
$NetBSD: Makefile,v 1.228 2002/10/05 15:23:19 grant Exp $
/usr/src/etc/mtree/special:
$NetBSD: special,v 1.66 2002/10/09 14:55:54 elric Exp $
>Description:
lastlog has default permissions of 664, but the group owner is
wheel. lastlog has no entry in /etc/mtree/special.
>How-To-Repeat:
ls -l /var/log/lastlog
>Fix:
Index: Makefile
===================================================================
RCS file: /cvsroot/basesrc/etc/Makefile,v
retrieving revision 1.228
diff -u -r1.228 Makefile
--- Makefile 2002/10/05 15:23:19 1.228
+++ Makefile 2002/10/16 12:23:00
@@ -198,7 +198,7 @@
${DESTDIR}/var/log/aculog
${INSTALL_FILE} -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \
${DESTDIR}/var/log/authlog
- ${INSTALL_FILE} -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \
+ ${INSTALL_FILE} -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \
${DESTDIR}/var/log/lastlog
${INSTALL_FILE} -o ${BINOWN} -g ${BINGRP} -m 640 /dev/null \
${DESTDIR}/var/log/lpd-errs
Index: mtree/special
===================================================================
RCS file: /cvsroot/basesrc/etc/mtree/special,v
retrieving revision 1.66
diff -u -r1.66 special
--- mtree/special 2002/10/09 14:55:54 1.66
+++ mtree/special 2002/10/16 12:23:00
@@ -299,6 +299,7 @@
./var/db/kvm.db type=file mode=0644 tags=exclude
./var/log type=dir mode=0755
./var/log/authlog type=file mode=0600 optional tags=exclude
+./var/log/lastlog type=file mode=0644 tags=exclude
./var/log/wtmp type=file mode=0644 tags=exclude
./var/log/wtmpx type=file mode=0644 tags=exclude
./var/mail type=dir mode=1777 ignore
>Release-Note:
>Audit-Trail:
>Unformatted: