209385 – [hyperv] negative group permissions

Bug 209385 - [hyperv] negative group permissions

Summary: [hyperv] negative group permissions

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	10.3-RELEASE
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	freebsd-virtualization (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-05-08 20:44 UTC by Eugene Grosbein
Modified:	2017-05-19 08:02 UTC (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eugene Grosbein 2016-05-08 20:44:32 UTC

Standard daily security output generated by FreeBSD running as guest inside Hyper-V shows:

Checking negative group permissions:
16395 -rw----r--  1 root  wheel      0 Apr 15 14:53:24 2016 /var/db/hyperv/pool/.kvp_pool_0
16396 -rw----r--  1 root  wheel      0 Apr 15 14:53:24 2016 /var/db/hyperv/pool/.kvp_pool_1
16397 -rw----r--  1 root  wheel      0 Apr 15 14:53:24 2016 /var/db/hyperv/pool/.kvp_pool_2
16398 -rw----r--  1 root  wheel  28160 Apr 20 16:27:11 2016 /var/db/hyperv/pool/.kvp_pool_3
16399 -rw----r--  1 root  wheel      0 Apr 15 14:53:24 2016 /var/db/hyperv/pool/.kvp_pool_4

Either these files should be created with more sane permissions, or this check should be relaxed to skip them.

Comment 1 Rudolph 2017-05-03 09:56:27 UTC

I can confirm this is still an issue on FreeBSD 11.0

Comment 2 commit-hook freebsd_committer

2017-05-04 01:46:34 UTC

A commit references this bug:

Author: sephe
Date: Thu May  4 01:46:05 UTC 2017
New revision: 317783
URL: https://svnweb.freebsd.org/changeset/base/317783

Log:
  hyperv/kvp: Fix pool direcrory and file permission

  PR:		209385
  MFC after:	2 weeks
  Sponsored by:	Microsoft

Changes:
  head/contrib/hyperv/tools/hv_kvp_daemon.c

Comment 3 commit-hook freebsd_committer

2017-05-18 01:33:21 UTC

A commit references this bug:

Author: sephe
Date: Thu May 18 01:32:51 UTC 2017
New revision: 318433
URL: https://svnweb.freebsd.org/changeset/base/318433

Log:
  MFC 317783
      hyperv/kvp: Fix pool direcrory and file permission

      PR:		209385
      Sponsored by:	Microsoft

Changes:
_U  stable/11/
  stable/11/contrib/hyperv/tools/hv_kvp_daemon.c

Comment 4 commit-hook freebsd_committer

2017-05-18 01:43:32 UTC

A commit references this bug:

Author: sephe
Date: Thu May 18 01:42:55 UTC 2017
New revision: 318435
URL: https://svnweb.freebsd.org/changeset/base/318435

Log:
  MFC 317783
      hyperv/kvp: Fix pool direcrory and file permission

      PR:		209385
      Sponsored by:	Microsoft

Changes:
_U  stable/10/
  stable/10/contrib/hyperv/tools/hv_kvp_daemon.c

Comment 5 Eugene Grosbein freebsd_committer

2017-05-19 08:02:50 UTC

Patched and MFC'd.