osdir.com
mailing list archive

Subject: Re: A check that would be desirable for expireover, etc. - msg#00291

List: network.inn


On Sat, 30 Mar 2002, figmentality wrote:

> Jeffrey M. Vinocur writes:
>
> Actually, that's not always true -- it's a common newbie mistake to do
> something like the initial makedbz as root, realize the mistake, and chown
> the entire tree to news, including the binaries which need to be SUID.
> So this is a potentially good idea.
> I'm not sure how best to do it, though.
>
> Would a setgid-news flag on makehistory take care of it?

Hmmm. Not bad at all. The tools we're concerned with (the ones that
change things; not, for example, grephistory) are mode 550 to begin with,
so there shouldn't be any security concerns.

There are some Perl and shell scripts, but at quick glance most of them at
least don't concern us here, luckily.


> Please note i've only put a modicum of thought into this idea...

Likewise. Seems promising, though.


--
Jeffrey M. Vinocur
jeff@xxxxxxxxxx





Thread at a glance:

Previous Message by Date:

Re: A check that would be desirable for expireover, etc.

Jeffrey M. Vinocur writes:

On Fri, 29 Mar 2002, Joe St Sauver wrote:

> I recently accidentally ran expireover as root while debugging
> some other issues, with the result that root soon owned
> all the tradoverviews files, INN throttled, etc. Recovery is
> obviously no big deal thanks to chown -R, but still...

Actually, that's not always true -- it's a common newbie mistake to do something like the initial makedbz as root, realize the mistake, and chown the entire tree to news, including the binaries which need to be SUID. So this is a potentially good idea. I'm not sure how best to do it, though.

Would a setgid-news flag on makehistory take care of it? Please note i've only put a modicum of thought into this idea...

rone
--
Constancy of the speed of light is a conclusion, yes it is a conclusion based on nonconvincing, irrational assumptions. WHAT IS LIGHT?! Whose light? From what sourse? Please do not mention electronagnetics - the same applies to them. - Alexander Abian <abian@xxxxxxxxxxx>

Next Message by Date:

Re: A check that would be desirable for expireover, etc.

>Would a setgid-news flag on makehistory take care of it? Please note
>i've only put a modicum of thought into this idea...

It might, but it is more than I really had in mind... I was thinking more just a check that expireover is running as user news:news, and if not, simply immediately quitting with an informative message, thereby allowing the news administrator to take appropriate corrective action (e.g., manually su to news, logout and back in as news, whatever), and then rerun.

Regards,

Joe


Next Message by Thread:

Re: A check that would be desirable for expireover, etc.

Jeffrey M Vinocur <jeff@xxxxxxxxxx> writes:

> On Sat, 30 Mar 2002, figmentality wrote:

>> Would a setgid-news flag on makehistory take care of it?

Not for folks who use --with-umask=022, like I do.

> Hmmm. Not bad at all. The tools we're concerned with (the ones that
> change things; not, for example, grephistory) are mode 550 to begin
> with, so there shouldn't be any security concerns.

There aren't all that many of them; I think we could just put in a quick test of geteuid() at the beginning and exit if they're running as root. I think we only need to worry about expire, expireover, makehistory, and makedbz at a first pass. Most of the rest either don't create files or don't create files that need to be written later or that are too hard to fix (like innxmit or innfeed). innd and nnrpd already have code to deal with being run as root.

--
Russ Allbery (rra@xxxxxxxxxxxx) <http://www.eyrie.org/~eagle/>

Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
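
The startup check discussed in this thread (test geteuid() first and exit with an informative message unless running as news:news), sketched in C as an added example; it is not INN's code or any poster's. The function names and result codes are hypothetical, and the account and group are both assumed to be named "news".

```c
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical result codes for this example; not taken from INN. */
enum run_check { RUN_OK = 0, RUN_AS_ROOT, RUN_WRONG_USER, RUN_WRONG_GROUP };

/* Pure decision on the effective ids. Root is reported separately: it is the
   case where the tool would succeed and leave root-owned files behind. */
enum run_check
check_run_identity(uid_t euid, gid_t egid, uid_t want_uid, gid_t want_gid)
{
    if (euid == 0)
        return RUN_AS_ROOT;
    if (euid != want_uid)
        return RUN_WRONG_USER;
    if (egid != want_gid)
        return RUN_WRONG_GROUP;
    return RUN_OK;
}

const char *
run_check_message(enum run_check r)
{
    switch (r) {
    case RUN_AS_ROOT:     return "refusing to run as root; su to news and rerun";
    case RUN_WRONG_USER:  return "not running as the news user";
    case RUN_WRONG_GROUP: return "not running with the news group";
    default:              return "ok";
    }
}

int
main(void)
{
    struct passwd *pw = getpwnam("news"); /* assumed account name */
    struct group *gr = getgrnam("news");  /* assumed group name */
    enum run_check r;

    if (pw == NULL || gr == NULL) {
        fprintf(stderr, "cannot look up the news user or group\n");
        return 2;
    }
    r = check_run_identity(geteuid(), getegid(), pw->pw_uid, gr->gr_gid);
    if (r != RUN_OK) {
        fprintf(stderr, "expireover: %s\n", run_check_message(r));
        return 1; /* exit before any history or overview file is created */
    }
    return 0; /* a real tool would continue with its normal work here */
}
```

The check runs before any file is opened for writing, so a mistaken root invocation exits without changing ownership of anything in the spool.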