Bug 35881 - UCS-4.0: 00_base/26check_logfiles_general world readbale log files
UCS-4.0: 00_base/26check_logfiles_general world readbale log files
Status: CLOSED FIXED
Product: UCS Test
Classification: Unclassified
Component: General
unspecified
Other Linux
: P5 normal (vote)
: UCS 4.0
Assigned To: Stefan Gohmann
Arvid Requate
: interim-3
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-09-11 09:00 CEST by Philipp Hahn
Modified: 2014-11-26 06:54 CET (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2014-09-11 09:00:57 CEST
*** 00_base/26check_logfiles_general *** Sensitive logfiles are not world-readable ***
error 2014-09-10 15:42:53        Expected -d /var/log/samba 0750 root adm, found   Datei: „/var/log/samba“
  Größe: 4096           Blöcke: 8          EA Block: 4096   Verzeichnis
Gerät: ca01h/51713d     Inode: 144379      Verknüpfungen: 3
Zugriff: (0750/drwxr-x---)  Uid: (    0/    root)   Gid: (    0/    root)
Zugriff    : 2014-09-10 15:42:44.360000000 +0200
Modifiziert: 2014-09-07 06:25:06.656000000 +0200
Geändert   : 2014-09-07 06:25:06.656000000 +0200
 Geburt    : -
***Searching for world-readable logfiles:
Some potentially sensitive log files are world-readable:
-rw-r--r-- 1 root root  4995 Sep  2 12:03 /var/log/boot.log
-rw-r--r-- 1 root root 27440 Aug 20 15:11 /var/log/installer/hardware-summary
-rw-r--r-- 1 root root   151 Aug 20 15:11 /var/log/installer/lsb-release
-rw-r--r-- 1 root root 65414 Aug 20 15:11 /var/log/installer/status
*** END *** 1 ***

Need to be ignored or chmoddded.
Comment 1 Philipp Hahn univentionstaff 2014-09-11 09:01:16 CEST
*** BEGIN *** ['/bin/bash', '27check_logfiles_univention'] ***
*** 00_base/27check_logfiles_univention *** World-readable Univention-specific logfiles ***
Some potentially sensitive log files are world-readable:
-rw-r--r-- 1 root root 0 Sep  3 00:00 /var/log/univention/directory-reports-cleanup.log
*** END *** 1 ***
Comment 2 Stefan Gohmann univentionstaff 2014-10-12 14:40:19 CEST
(In reply to Philipp Hahn from comment #0)
> *** 00_base/26check_logfiles_general *** Sensitive logfiles are not
> world-readable ***
> error 2014-09-10 15:42:53        Expected -d /var/log/samba 0750 root adm,
> found   Datei: „/var/log/samba“
>   Größe: 4096           Blöcke: 8          EA Block: 4096   Verzeichnis
> Gerät: ca01h/51713d     Inode: 144379      Verknüpfungen: 3
> Zugriff: (0750/drwxr-x---)  Uid: (    0/    root)   Gid: (    0/    root)
> Zugriff    : 2014-09-10 15:42:44.360000000 +0200
> Modifiziert: 2014-09-07 06:25:06.656000000 +0200
> Geändert   : 2014-09-07 06:25:06.656000000 +0200
>  Geburt    : -
> ***Searching for world-readable logfiles:
> Some potentially sensitive log files are world-readable:
> -rw-r--r-- 1 root root  4995 Sep  2 12:03 /var/log/boot.log
> -rw-r--r-- 1 root root 27440 Aug 20 15:11 /var/log/installer/hardware-summary
> -rw-r--r-- 1 root root   151 Aug 20 15:11 /var/log/installer/lsb-release
> -rw-r--r-- 1 root root 65414 Aug 20 15:11 /var/log/installer/status
> *** END *** 1 ***
> 
> Need to be ignored or chmoddded.

Ignored with r54343

(In reply to Philipp Hahn from comment #1)
> *** BEGIN *** ['/bin/bash', '27check_logfiles_univention'] ***
> *** 00_base/27check_logfiles_univention *** World-readable
> Univention-specific logfiles ***
> Some potentially sensitive log files are world-readable:
> -rw-r--r-- 1 root root 0 Sep  3 00:00
> /var/log/univention/directory-reports-cleanup.log
> *** END *** 1 ***

Ignored with r54344

Changelog not required because ucs-test is unmaintained.
Comment 3 Arvid Requate univentionstaff 2014-11-05 12:46:50 CET
Ok.
Comment 4 Stefan Gohmann univentionstaff 2014-11-26 06:54:21 CET
UCS 4.0-0 has been released:
 http://docs.univention.de/release-notes-4.0-0-en.html
 http://docs.univention.de/release-notes-4.0-0-de.html

If this error occurs again, please use "Clone This Bug".