Re: negative group permissions?
Anton Shterenlikht <mexas <at> bristol.ac.uk> writes:
>
> This was discussed in questions@ with no resolution.
> Anybody here can advise further?
> ...
Regarding file .seq or .SEQ
It is an intermediate-processing (run-time) lockfile found in various spool
dirs and their sub-dirs, like
/var/spool/cron/
/at,
/lpd, etc.
It is used to save job# by the respective programs (cron, at, etc).
You can find a ref to .SEQ in file at.c in at port sources.
I did not see ref to .seq in lpr or cron port sources.
The periodic security check
/etc/periodic/security/110.neggrpperm
checks for risque condition like
! -perm +010 -and -perm +001
The file should not be executable, according to its purpose.
So the lpr.c should be changed from
if ((fd = open(buf, O_RDWR|O_CREAT, 0661)) < 0) {
to
if ((fd = open(buf, O_RDWR|O_CREAT, 0660)) < 0) {
File a bug report.
jb
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 20 篇):