Hi Martin

Thanks for notifying us.

> /etc/ietd.conf will on most usual cases contain passwords, but is 644
> per default after the installations. That needs to be fixed.

Well initially setting it to 640 wouldn't hurt much. Looking at the init script, it seems that there is the "dump" function, which sets the permissions to 600. Not quite sure, if users use this option to set up their configuration though, maybe you could tell me :)

However, here is the NMU proposal. Surprisingly other distros like SUSE also use 644 in their package :/

Cheers
Steffen

diff -u iscsitarget-0.4.15/debian/changelog iscsitarget-0.4.15/debian/changelog --- iscsitarget-0.4.15/debian/changelog +++ iscsitarget-0.4.15/debian/changelog @@ -1,3 +1,11 @@ +iscsitarget (0.4.15-4.1) unstable; urgency=high + + * Non-maintainer upload by the testing-security team + * Make sure that ietd.conf is 640 (Closes: #448873) + (init script sets 600, when called with dump anyway) + + -- Steffen Joeris <[EMAIL PROTECTED]> Fri, 02 Nov 2007 03:23:17 +0000 + iscsitarget (0.4.15-4) unstable; urgency=low [ Frederik Schüler ] diff -u iscsitarget-0.4.15/debian/rules iscsitarget-0.4.15/debian/rules --- iscsitarget-0.4.15/debian/rules +++ iscsitarget-0.4.15/debian/rules @@ -151,6 +151,8 @@ dh_strip dh_compress dh_fixperms + # Make sure that /etc/ietd.conf is 640 + chmod 640 $(CURDIR)/debian/iscsitarget/etc/ietd.conf dh_makeshlibs dh_installdeb dh_shlibdeps
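
Review bot: in the debian/changelog hunk, the new entry names 640 as the target mode and in the next line says the init script sets 600 when called with dump, so the package and the init script end up disagreeing on the mode and the entry gives no reason for keeping group read. Suggest either shipping 600 to match the init script or stating in the entry why 640 is wanted. It would also help to say in the entry that ietd.conf can hold passwords, so the urgency=high is explained without following the bug number.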
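
Review bot: in the debian/rules hunk, the added "chmod 640 $(CURDIR)/debian/iscsitarget/etc/ietd.conf" only sets the mode of the file inside the package build tree; nothing in the patch touches an /etc/ietd.conf that is already installed, so a system that keeps its locally edited file across the upgrade may still have it at 644. Suggest adding a maintainer-script step (for example a chmod in postinst guarded by a check that the file exists) so existing installations are tightened too. The placement after dh_fixperms is right, since an earlier chmod would be reset by it.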