Bug 9981 - /var/lib/rpm is being set mode 755 which appears to be a security issue
Summary: /var/lib/rpm is being set mode 755 which appears to be a security issue
Status: RESOLVED INVALID
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages
Version: Cauldron
Hardware: i586 Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: Thierry Vignaud
QA Contact:
URL:
Whiteboard:
Keywords: Triaged
Depends on:
Blocks:
 
Reported: 2013-05-04 18:18 CEST by George Mitchell
Modified: 2013-05-05 16:40 CEST

See Also:
Source RPM: rpm-4.11.0.1-1.mga3.src.rpm
CVE:
Status comment:



Description George Mitchell 2013-05-04 18:18:05 CEST
Description of problem:

/var/lib/rpm mode is set to 755.  According to Red Hat's sectool, this is a security issue since it leaves the package databases insecure.  Securing this directory screws up the mgaapplet perl script.  This REALLY needs to be looked at. I know there is likely no easy resolution to this issue.  But it looks like a serious security issue to me and something needs to be done to address it.

Comment 1 George Mitchell 2013-05-04 19:10:35 CEST
Actually, there appears to be an easy solution.  Set /var/lib/rpm to 750.  Add rpm group to user's group permissions.  That should resolve this.
Manuel Hiebel 2013-05-05 12:12:15 CEST

Keywords: (none) => Triaged
Version: 3 => Cauldron
Assignee: bugsquad => thierry.vignaud

Comment 2 David Walser 2013-05-05 16:40:30 CEST
This is already handled by msec.  In the secure level the rpm stuff is only readable by the rpm group.  In the standard level, all the 755/644 means is that regular users can query the package database.

Status: NEW => RESOLVED
Resolution: (none) => INVALID
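An added audit check in the spirit of the report (example code, not from the bug, from rpm, or from Mageia's msec): it reports whether a package database directory is readable by every user (the 755 the reporter objects to) and whether it is owned by the group meant to keep query access. The group name `rpm` is taken from comment 1; the directory argument and the use of GNU coreutils `stat -c` are assumptions.

```shell
#!/bin/sh
# Added example, not part of the bug report. Audit one rpm database directory:
# return 0 when "other" has no permission bits and the group matches, 1 when
# either check fails, 2 when the directory does not exist.
# Assumes GNU coreutils stat (-c '%a' prints the octal mode, '%G' the group).
audit_rpmdb_dir() {
    dir="$1"
    want_group="${2:-rpm}"      # group that should retain access (comment 1)
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    mode=$(stat -c '%a' "$dir") # e.g. 755 (report) or 750 (proposed)
    group=$(stat -c '%G' "$dir")
    other=$(( mode % 10 ))      # last octal digit = permissions for "other"
    status=0
    if [ "$other" -ne 0 ]; then
        echo "WARN: $dir mode $mode lets any local user read the package database"
        status=1
    fi
    if [ "$group" != "$want_group" ]; then
        echo "WARN: $dir group is $group, expected $want_group"
        status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: $dir mode $mode group $group"
    return "$status"
}
```

Running `audit_rpmdb_dir /var/lib/rpm` on a Mageia system at the standard msec level will warn, which is the intentional state comment 2 describes; at the secure level it should pass.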