Debian bug report logs - #1655
world-writable httpd pid file
Package: cern-httpd; Reported by: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>; 19 days old.
Message received at debian-bugs:
From i17linuxb.ists.pwr.wroc.pl!marekm Thu Oct 12 13:21:48 1995
Return-Path: <marekm@i17linuxb.ists.pwr.wroc.pl>
Received: from pixar.com by mongo.pixar.com with smtp
(Smail3.1.28.1 #15) id m0t3U8S-000HC7C; Thu, 12 Oct 95 13:21 PDT
Received: from i17linuxb.ists.pwr.wroc.pl by pixar.com with SMTP id AA29774
(5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Thu, 12 Oct 1995 13:21:22 -0700
Received: (from marekm@localhost) by i17linuxb.ists.pwr.wroc.pl (8.6.12/8.6.9) id VAA32146 for debian-bugs@pixar.com; Thu, 12 Oct 1995 21:21:36 +0100
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Message-Id: <199510122021.VAA32146@i17linuxb.ists.pwr.wroc.pl>
Subject: world-writable httpd pid file
To: debian-bugs@pixar.com
Date: Thu, 12 Oct 1995 21:21:31 +0100 (MET)
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 350
Package: cern-httpd
Version: 3.0-4
The CERN httpd does umask(0) and all files it creates (pid, logs) are
mode 666. Not good. To fix: find umask(0) in HTDaemon.c and remove it.
I have sent a report about this to httpd@w3.org long time ago and even
received a reply that this is in fact a bug, but 3.0 is probably still
the latest version...
Marek
Acknowledgement sent to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>:
New bug report received and forwarded.
Full text available.
Report forwarded to debian-devel@pixar.com:
Bug#1655; Package cern-httpd.
Full text available.
Ian Jackson /
iwj10@thor.cam.ac.uk,
with the debian-bugs tracking mechanism