| Summary: | msec report world writable files | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Spuhler <thomas> |
| Component: | RPM Packages | Assignee: | Remco Rijnders <remco> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | thomas |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | mga4 too | ||
| Source RPM: | spamassassin | CVE: | |
| Status comment: | |||
|
Description
Thomas Spuhler
2014-08-12 01:21:17 CEST
Thomas Spuhler
2014-08-12 01:23:30 CEST
CC:
(none) =>
thomas You got the wrong Remmy ;-) Assigning to Remco (he's not overly available as of late though, so I'd say feel free to fix the issue if you know how). Assignee:
remi =>
r+mageia
Remco Rijnders
2014-08-12 08:17:00 CEST
Status:
NEW =>
ASSIGNED It looks like a lot of folks are making changes to this package. But I will try in cauldron first. This is used on servers, so we cannot break it. @Thomas, Thanks for the report. Use of these file permissions has been in the package since Mandriva 2007 (See https://qa.mandriva.com/show_bug.cgi?id=27424). That said, I don't think auto whitelisting is being used by default at all anymore in spamassassin. If one were to use auto whitelisting, I still think per user settings would be better than the global ones we have configured now. As such, I am going to update the package accordingly and take these files out completely. Assignee:
r+mageia =>
remco Remco, I see you made the changes in cauldron. Are you going to make them in mga4 as well? Ping I guess this is fixed in mga4: $ rpm -ql spamassassin doesn't show the file anymore Status:
ASSIGNED =>
RESOLVED |