- Fix security concern about instuction in pkg-message. In pkg-message there is instruction that all log files checked by logcheck should be readable by wheel group. By default, some log files such as /var/log/auth.log or /var/log/security is readable only by root because it may include some sensitive information. So if you want to check these files by logcheck, you are required to make them readable by wheel group user. But primary purpose of wheel group is to limit the users who can get root privilige by using su(1). So it is quite common that some users belong to wheel group. Then let's think of following situation. A user who belongs to wheel group logged in to server and went to lunch forgetting to logout or lock screen. Then someone evil came and found unlocked terminal. If the permission of /var/log/auth.log of /var/log/security is not changed, the evil cannot read them unless he knows root password of the server. But if these files readable by wheel group, he can read these log files simply by displaying them using cat, less, or similar command, and access to sensitive information inside them. So the instructions should be changed so that all log files checked by logcheck should be readable by logcheck group rather than wheel group. - Stop adding user 'logcheck' to wheel group. - Use 915/915 as UID/GID of 'logcheck' user. - Use /var/db/logcheck instead of /var/lib/logcheck because /var/lib is not accessible by non-wheel user. - Use MASTER_SITE_DEBIAN as MASTER_SITES. - Use USE_PERL5 for perl dependency. - Use @dirrmtry in pkg-plist. - Bump PORTREVISION. I think this patch should be committed by asking for portmgr's approval before final package build for 6.4/7.1 is started.
Responsible Changed From-To: freebsd-ports-bugs->glarkin Over to maintainer (via the GNATS Auto Assign Tool)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Yasuhiro, Thank you for the security/logcheck patch. Coincidentally, I recently submitted a commit request to portmgr@FreeBSD.org for a very similar patch of my own, found here: http://people.freebsd.org/~glarkin/diffs/logcheck-5.diff However, my patch does not address the main security issue that you raised regarding the membership of the logcheck user in the wheel group. I will take your patch and incorporate it into my existing work and resubmit for portmgr approval. Best regards, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIxuBC0sRouByUApARAte/AKCLeiPmLrENXZubaF7aPE1kvn9jlACgidRG xdsQysULz9aj980fCWFavAg= =aB1I -----END PGP SIGNATURE-----
glarkin 2008-09-11 00:30:09 UTC FreeBSD ports repository Modified files: . UIDs UPDATING security/logcheck Makefile pkg-plist security/logcheck/files patch-src__logcheck pkg-deinstall.in pkg-install.in pkg-message.in Log: - Fixed logcheck script silent failure in previous commit - Added handling for crontab installation problems - Incorported security fixes from PR opened after previous commit - Added UPDATING entry since configuration options have changed fairly significantly PR: ports/122842 Submitted by: Cezary Morga <cm@therek.net> PR: ports/127255 Submitted by: Yasuhiro KIMURA <yasu at utahime dot org> Reviewed by: glarkin Approved by: beech (mentor, implicit) Approved by: portmgr (marcus) Security: Incorrect addition of logcheck user to wheel group Revision Changes Path 1.75 +2 -2 ports/UIDs 1.717 +49 -1 ports/UPDATING 1.23 +28 -18 ports/security/logcheck/Makefile 1.2 +14 -6 ports/security/logcheck/files/patch-src__logcheck 1.2 +2 -2 ports/security/logcheck/files/pkg-deinstall.in 1.2 +17 -8 ports/security/logcheck/files/pkg-install.in 1.2 +2 -2 ports/security/logcheck/files/pkg-message.in 1.11 +3 -3 ports/security/logcheck/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed after incorporating security fixes into a pre-existing patch, thanks!