85247 – [SECURITY] www/oops oops user creation possible problem

Bug 85247 - [SECURITY] www/oops oops user creation possible problem

Summary: [SECURITY] www/oops oops user creation possible problem

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Sergey Matveychuk

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-08-23 15:20 UTC by Dmitry Morozovsky
Modified:	2005-08-24 18:57 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
file.diff (844 bytes, patch) 2005-08-23 15:20 UTC, Dmitry Morozovsky	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dmitry Morozovsky freebsd_committer

2005-08-23 15:20:07 UTC

It has been somehow overlooked that oops pseudo-user created by th einstall
script has default group of 0.  Having in mind that many systems now have
sudo(8) installed and, moreover, most of known sudo configurations use group
wheel (0) as privileged.

So, I've decided to change default group to nogroup.

As this fault may have security impacts, I'd like to see this patch committed before 6.0-R.

Comment 1 Sergey Matveychuk freebsd_committer

2005-08-24 15:59:40 UTC

Responsible Changed
From-To: freebsd-ports-bugs->sem

Take it

Comment 2 Sergey Matveychuk freebsd_committer

2005-08-24 17:50:18 UTC

State Changed
From-To: open->analyzed

Analyzed. Wait for portmgr approval.

Comment 3 Sergey Matveychuk freebsd_committer

2005-08-24 18:57:02 UTC

State Changed
From-To: analyzed->closed

Committed, thanks!