[Slackbuilds-users] rsync the repo; some (not all) repo folders are SGID
Alan C
acummingsus at gmail.com
Sat Oct 20 18:40:33 UTC 2007
On 10/20/07, Eric Hameleers (SBo) <alien at slackbuilds.org> wrote:
>
> Eric Hameleers (SBo) schreef:
[ as rsync'd, some of folders in SW 12.0 sbo repo have the SGID on them ]
> Thanks for reporting.
Thank you.
>
> > Eric
>
>
> It is even more widespread - in the 11.0 repository as well, and also
> in some of the directories used by the admins. Might it be a "feature"
> of the server we are working on?
Well, that's what I was wondering -- that is, if it were a "feature" and
thus I should not report it -- or, heaven forbid, what if it turned out that
there were some "feature" on *my* computer/system that, unknown to me, was
operating secretly in the background doing abra cadabra or secret magic.
(although, next is the command that I ran) (and its output showed [to my
intermediate level sys admin eyes] that my file sys appeared normal
elsewhere except for in the rsync'd sbo 12 repo)
find / -perm +02000 -exec ls -ld {} ; 2> /dev/null > /tmp/SGID.files
What started all of this is twofold. ie both my curiosity and that I had
been following a thread on either comp.os.linux.security or on
comp.os.linux.networking
They were having a security related discussion and the topic turned to SUID
and SGID file permissions. Someone posted the above command and the next
command
find / -perm +04000 -exec ls -ld {} ; 2> /dev/null > /tmp/SUID.files
--
(The specific mentioned SGID on *some* issue) It should be harmless though?
Right?
That is, no harm can happen, even if given a worse case scenario? ie
someone from a different group logs on -- and, what can they do? -- the
worst is to build a Slackware package (I'm of course guessing since this
maybe probably stretches my sys admin skills).
--
Alan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20071020/0f6196be/attachment-0002.html
More information about the Slackbuilds-users
mailing list