Bug 38825 - UMC-Webserver: check file system permissions of PID file
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC (Generic)
Version: UCS 4.0
Hardware: Other Linux
Importance: P5 normal
Target Milestone: UCS 4.0-2-errata
Assigned To: Philipp Hahn
QA Contact: Florian Best
Depends on: 25162 38847
Blocks: 29450
Reported: 2015-07-03 07:21 CEST by Stefan Gohmann
Modified: 2016-09-21 18:10 CEST

What kind of report is it?: Security Issue
Bug group (optional): Security
Description Stefan Gohmann univentionstaff 2015-07-03 07:21:31 CEST
Please merge it to UCS 4.0 as well.

+++ This bug was initially created as a clone of Bug #25162 +++
Comment 1 Philipp Hahn univentionstaff 2015-07-03 16:17:50 CEST
r61756 | Bug #38825 UMC: Make PID files not world-writable.

Package: univention-management-console-frontend
Version: 4.1.106-72.1060.201507031559
Branch: ucs_4.0-0
Scope: errata4.0-2

r61758 | Bug #38825 UMC: Make PID files not world-writable YAML
 2015-05-28-univention-management-console-frontend.yaml

OK: aptitude install '?source-package(univention-management-console-frontend)~i'
OK: find /var/run/ -type f -perm /0002 -ls
FYI: The old file stays behind until the next reboot
Comment 2 Florian Best univentionstaff 2015-07-07 12:33:23 CEST
OK: the PID files are 0600 now, UMC-Webserver functionality still works.
OK: YAML
Comment 3 Janek Walkenhorst univentionstaff 2015-08-06 17:54:54 CEST
<http://errata.univention.de/ucs/4.0/266.html>
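
An added illustration of the fix and the check recorded in comments 1 and 2, not code from the UMC package: a PID file written so that it ends up 0600 even when a more permissive file already exists at that path, plus a Python equivalent of the `find ... -perm /0002` check. The function names, the temporary directory standing in for `/var/run` and the file name `example-daemon.pid` are assumptions.

```python
import os
import stat
import tempfile


def write_pid_file(path, pid=None, mode=0o600):
    """Write the PID to `path` so the file ends up with exactly `mode`."""
    pid = os.getpid() if pid is None else pid
    # O_NOFOLLOW refuses to open a symlink placed at the PID file path.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW, mode)
    try:
        # The mode given to open() applies only when the file is created
        # (and is masked by the umask), so set it explicitly as well.
        os.fchmod(fd, mode)
        os.ftruncate(fd, 0)
        os.write(fd, b"%d\n" % pid)
    finally:
        os.close(fd)


def world_writable_files(root):
    """Python equivalent of: find ROOT -type f -perm /0002"""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IWOTH:
                hits.append(full)
    return sorted(hits)


def demo():
    """Constructed scenario: a temp dir stands in for /var/run."""
    with tempfile.TemporaryDirectory() as run_dir:
        pid_file = os.path.join(run_dir, "example-daemon.pid")  # hypothetical name
        # Constructed leftover: a world-writable PID file already exists.
        with open(pid_file, "w") as fh:
            fh.write("1\n")
        os.chmod(pid_file, 0o666)
        before = world_writable_files(run_dir)
        write_pid_file(pid_file, pid=4242)
        after = world_writable_files(run_dir)
        final_mode = stat.S_IMODE(os.stat(pid_file).st_mode)
        with open(pid_file) as fh:
            content = fh.read()
    return before, after, final_mode, content


if __name__ == "__main__":
    print(demo())
```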