rpms / libreport

Clone
Source Code
GIT

Files

f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 main rawhide
  1.   f21
  2.   0077-build-switch-the-default-dump-dir-mode-to-0640.patch
Blob Blame History Raw 
From d70f04d50bc65dfd839316dbe2668ff195cf1fef Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Tue, 28 Apr 2015 12:49:38 +0200
Subject: [PATCH] build: switch the default dump dir mode to 0640

The 0660 allows root escalations in ABRT. We don't really need to have
the dump directories writable for the group as ABRT processes run under
root. We introduced 0x1 for group with the switch to /var/tmp/abrt
because we thought that we will have ABRT processes run under the user
abrt, but there are no signs that we will ever pursue such a setup.

Related: #1212861

Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
 configure.ac | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 01d9f83..4f7e504 100644
--- a/configure.ac
+++ b/configure.ac
@@ -282,8 +282,8 @@ AC_PATH_PROG(AUGPARSE, augparse, no)
 
 AC_ARG_WITH([defaultdumpdirmode],
             AS_HELP_STRING([--with-defaultdumpdirmode=OCTAL-MODE],
-                           [Default dump dir mode (default: 0660)]),
-            [], [with_defaultdumpdirmode="0660"])
+                           [Default dump dir mode (default: 0640)]),
+            [], [with_defaultdumpdirmode="0640"])
 AC_SUBST([DEFAULT_DUMP_DIR_MODE], [$with_defaultdumpdirmode])
 
 DUMP_DIR_OWNED_BY_USER=1
-- 
2.1.0
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.