Date: Fri, 20 Jun 2014 15:39:35 +1000 From: Murray McAllister <mmcallis@...hat.com> To: oss-security@...ts.openwall.com Subject: possible CVE request: opendnssec and softhsm permission issue Good morning, Not sure if this requires a CVE. https://bugzilla.redhat.com/show_bug.cgi?id=1098188 notes some permission errors for files in /var/softhsm/ and /var/opendnssec/ Two notes: 1) after installing those packages on Fedora 20, the directory permissions for those directories is mode 770 root:ods, so an unprivileged user cannot go in there. 2) the proposed fix in the Red Hat bug is about making certain files owned by "ods" instead of "root". It does not mention removing read permissions for other users. I do not see a leak here, but am not familiar with opendnssec and softhsm. It may have been filed as a security issue here due to https://issues.opendnssec.org/browse/SUPPORT-136 (as noted in the bug). I'll mail about that one shortly. Thanks, -- Murray McAllister / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ