Debian bug report logs - #1655 world-writable httpd pid file Package: cern-httpd ; Reported by: Marek Michalkiewicz ; 19 days old. ----------------------------------------------------------------------- Message received at debian-bugs: From i17linuxb.ists.pwr.wroc.pl!marekm Thu Oct 12 13:21:48 1995 Return-Path: Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15) id m0t3U8S-000HC7C; Thu, 12 Oct 95 13:21 PDT Received: from i17linuxb.ists.pwr.wroc.pl by pixar.com with SMTP id AA29774 (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Thu, 12 Oct 1995 13:21:22 -0700 Received: (from marekm@localhost) by i17linuxb.ists.pwr.wroc.pl (8.6.12/8.6.9) id VAA32146 for debian-bugs@pixar.com; Thu, 12 Oct 1995 21:21:36 +0100 From: Marek Michalkiewicz Message-Id: <199510122021.VAA32146@i17linuxb.ists.pwr.wroc.pl> Subject: world-writable httpd pid file To: debian-bugs@pixar.com Date: Thu, 12 Oct 1995 21:21:31 +0100 (MET) X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 350 Package: cern-httpd Version: 3.0-4 The CERN httpd does umask(0) and all files it creates (pid, logs) are mode 666. Not good. To fix: find umask(0) in HTDaemon.c and remove it. I have sent a report about this to httpd@w3.org long time ago and even received a reply that this is in fact a bug, but 3.0 is probably still the latest version... Marek ----------------------------------------------------------------------- Acknowledgement sent to Marek Michalkiewicz : New bug report received and forwarded. Full text available. ----------------------------------------------------------------------- Report forwarded to debian-devel@pixar.com : Bug#1655 ; Package cern-httpd . Full text available. ----------------------------------------------------------------------- Ian Jackson / iwj10@thor.cam.ac.uk , with the debian-bugs tracking mechanism This page last modified 07:43:01 GMT Wed 01 Nov