/etc/profile.d/debuginfd.{sh,csh} are created with 600 permissions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
elfutils (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Incomplete
|
High
|
Sergio Durigan Junior |
Bug Description
[ Impact ]
Users installing libdebuginfod-
[ Test Plan ]
Inside a Jammy container:
# apt install -y libdebuginfod-
# ls -lah /etc/profile.
Verify that the permission of both files allow them to be world-readable.
[ Where problems could occur ]
Care has been taken to not modify existing file permissions unnecessarily by using "g+r,o+r" when invoking chmod, but it is still possible to conceive a scenario where upgrading the package would make the files world-readable when the user is actually expecting otherwise. However, such "regression" would arguably not be something supported because if the intention is to prevent non-root users from making use of debuginfod, there are better ways to achieve it.
[ Original Description ]
In a fresh container, installing libdebuginfod-
```
root@32f34f7e27
total 24K
drwxr-xr-x 1 root root 4.0K May 26 17:23 .
drwxr-xr-x 1 root root 4.0K May 26 17:23 ..
-rw-r--r-- 1 root root 96 Oct 15 2021 01-locale-fix.sh
-rw------- 1 root root 677 May 26 17:23 debuginfod.csh
-rw------- 1 root root 692 May 26 17:23 debuginfod.sh
```
when I login as a nonprivledged user, DEBUGINFOD_URLS is not set because the permissions are incorrect on the profile files.
```
# dpkg -l | grep libdebug
ii libdebuginfod-
```
description: | updated |
Changed in elfutils (Ubuntu Jammy): | |
status: | New → Triaged |
Changed in elfutils (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in elfutils (Ubuntu Jammy): | |
assignee: | nobody → Sergio Durigan Junior (sergiodj) |
importance: | Undecided → High |
description: | updated |
Changed in elfutils (Ubuntu Jammy): | |
status: | Triaged → In Progress |
tags: | added: server-todo |
tags: | removed: server-todo |
Status changed to 'Confirmed' because the bug affects multiple users.