clamav-milter chowns root/arbitrary directory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
clamav (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Jaunty |
Fix Released
|
High
|
Ubuntu Security Team |
Bug Description
Binary package hint: clamav-milter
A clean install of clamav-milter (0.95.1+
This was witnessed breaking ssh chroot environment.
TEST CASE:
- purge any existing clamav-milter installation, make sure you don't have any old /etc/init.
- check root directory's owner (should be root:root)
- sudo apt-get install clamav-milter (the last one in Jaunty is 0.95.1+
- after installing the package, clamav-milter will start automatically (at least 'init.d/
- check the root directory's owner:
root@utest-jj:/# stat /
File: `/'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 801h/2049d Inode: 2 Links: 23
Access: (0755/drwxr-xr-x) Uid: ( 110/ clamav) Gid: ( 0/ root)
Access: 2008-05-06 13:11:06.000000000 +0300
Modify: 2009-04-24 17:50:17.000000000 +0300
Change: 2009-04-27 15:30:07.000000000 +0300
Notice how it changed to clamav:root, this shouldn't happen.
Related branches
description: | updated |
summary: |
- clamav-milter chowns root directory + clamav-milter chowns root/arbitrary directory |
Changed in clamav (Ubuntu Jaunty): | |
status: | In Progress → Fix Committed |
Confirmed and not a regression for the SRU. I installed clamav-milter 0.95.1. dfsg-1ubuntu1 (the jaunty-release revision) in a clean chroot and got:
-rw-r----- 1 clamav adm 0 Apr 24 04:21