[pca] pca buglet?
Glenn Satchell
glenn.satchell at uniq.com.au
Sun May 22 15:15:14 CEST 2011
No, it's not umask setting.
The default behaviour is to make the patchdiag.xref file be world
writable. This allows any user to run pca and download the latest
version of that file.
As mentioned by Jeff Wieland, there is a switch --xrefown to turn off
the behaviour, so the original poster need only use this on the command
line, or make this setting in pca.conf to solve his problem.
regards,
-glenn
On 05/22/11 08:56, Rajiv Gunja wrote:
> + check umask settings for the ID which is downloading the xref.
>
> -GGR
> --
> Rajiv G Gunja
> Blog: http://ossrocks.blogspot.com
>
>
> On Fri, May 20, 2011 at 16:25, Jeff Wieland <wieland at purdue.edu
> <mailto:wieland at purdue.edu>> wrote:
>
> You can use the --xrefdir= option to have it put the xref file
> somewhere else, or the --xrefown option to set it to be writable
> by the current user only. I'm not certain why your vulnerability
> scanner would care about what's in /var/tmp on a Solaris box...
>
>
> Jeff Earickson wrote:
>
> Martin,
>
> My version of pca: 20110329-01. I've noticed that when pca
> downloads
> patchdiag.xref to /var/tmp,
> the permissions end up as chmod 666. Our vulnerability scanner
> complains about this as a world-writable file.
> Any idea how its permissions are set? Is this something that be
> fixed in pca?
>
> -----------------------------------
> Jeff A. Earickson, Ph.D
> Senior Server System Administrator
> Colby College,
> 4214 Mayflower Hill,
> Waterville ME, 04901-8842
> 207-859-4214 <tel:207-859-4214> (fax 207-859-4186
> <tel:207-859-4186>)
> Eastern Time Zone, USA
> -----------------------------------
More information about the pca
mailing list