ubuntu-eee-coders team mailing list archive

[dth <destotelhorus@xxxxxxxxxxxxxx>]

I compared the file-rights of a clean ubuntu with those of ubuntu-eee and got:
left is a clean ubuntu, right is ubuntu-eee

/bin
-rwsr-xr-- root fuse fusermount                               | -rwxr-xr-- root root fusermount
-rwsr-xr-x root root mount                                    | -rwxr-xr-x root root mount     
-rwsr-xr-x root root ping                                     | -rwxr-xr-x root root ping     
-rwsr-xr-x root root ping6                                    | -rwxr-xr-x root root ping6     
-rwsr-xr-x root root su                                       | -rwxr-xr-x root root su     
-rwsr-xr-x root root umount                                   | -rwxr-xr-x root root umount     

/usr/bin
-rwsr-sr-x daemon daemon at                                   | -rwxr-xr-x root root at     
-rwxr-sr-x root shadow chage                                  | -rwxr-xr-x root root chage     
-rwsr-xr-x root root chfn                                     | -rwxr-xr-x root root chfn  
-rwsr-xr-x root root chsh                                     | -rwxr-xr-x root root chsh     
-rwxr-sr-x root crontab crontab                               | -rwxr-xr-x root root crontab     
-rwxr-sr-x root shadow expiry                                 | -rwxr-xr-x root root expiry     
-rwsr-xr-x root root gpasswd                                  | -rwxr-xr-x root root gpasswd     
-rwxr-sr-x root tty wall                                      | -rwxr-xr-x root root wall     
-rwsr-sr-x root root X                                        | -rwxr-xr-x root root X     
-rwxr-sr-x root utmp xterm                                    | -rwxr-xr-x root root xterm     

/usr/local/bin

/sbin

/etc
-rw-r----- root daemon at.deny                                | -rw-r----- root root at.deny
drwxr-s--- root dip chatscripts                               | drwxr-x--- root root chatscripts     
drwxr-xr-x root dip ppp                                       | drwxr-xr-x root root ppp     
-rwxr-xr-x root root rc.local                                 | -rw-r--r-- root root rc.local     
-rw-r----- root dialout wvdial.conf                           | -rw-r----- root root wvdial.conf     

/etc/ppp
drwxr-s--- root dip peers                                     | drwxr-x--- root root peers     


/etc/fuse.conf is wrong, too, but got corrected by me so it wont show up here

-- 
Lots of wrong permissions or missing setuid,setgid: /dev/fuse, unix_chkpwd, passwd, mount, ping, ...
https://bugs.launchpad.net/bugs/286465
You received this bug notification because you are a member of Ubuntu
Eee Coders, which is subscribed to Ubuntu Eee.

Status in Ubuntu Eee: Confirmed

Bug description:
A lot of permissions seem to have been lost when packaging ubuntu-eee.

The ones i hit:
/dev/fuse -> https://bugs.launchpad.net/ubuntu-eee/+bug/266883
unix_chkpwd -> https://bugs.launchpad.net/ubuntu-eee/+bug/261497
passwd -> https://bugs.launchpad.net/ubuntu-eee/+bug/271111
mount (wrong group, missing SGID)
ping (normal users can't use ping: "ping: icmp open socket: Operation not permitted")
pppd (normal users can't use pppd despite being in the dip group)

--------------------------------------------------------------------------------
Collection of fixes (these modify the permissions to be like on regular ubuntu):

sudo chown root:shadow /sbin/unix_chkpwd
sudo chmod 2755 /sbin/unix_chkpwd
sudo chgrp fuse /dev/fuse
sudo chmod 660 /dev/fuse
sudo chmod u+s /bin/mount
sudo chmod u+s /usr/bin/passwd
sudo chmod u+s /bin/ping
sudo chgrp dip /usr/sbin/pppd
sudo chmod u+s,g+x /usr/sbin/pppd