oss-sec mailing list archives
Re: CVE Request -- logrotate -- nine issues
From: Ludwig Nussel <ludwig.nussel () suse de>
Date: Wed, 23 Mar 2011 17:25:35 +0100
Ludwig Nussel wrote:
Josh Bressers wrote:We then will need to assign IDs for various broken uses of /var/log (If someone has a list of the currently known ones, please pass it along)AFAICS on openSUSE Factory we have cobbler
The cobbler daemon actually runs as root so having /var/log/cobbler/* owned by the web service user is likely not only a problem for logrote but also for cobbler itself when it opens files there. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Current thread:
- Re: CVE Request -- logrotate -- nine issues, (continued)
- Re: CVE Request -- logrotate -- nine issues Jan Kaluža (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Paul Martin (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 11)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 11)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 23)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
- Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)