Subject: security/4882: 1.3 upgrade procedure fails to fix directory permissions
To: None <email@example.com>
From: None <John.Messenger@york.microvitec.co.uk>
Date: 01/24/1998 01:54:25
>Synopsis: After upgrading from 1.2G to 1.3, permissions on /var/games/hackdir were wrong.
>Responsible: gnats-admin (GNATS administrator)
>Arrival-Date: Fri Jan 23 18:05:00 1998
>Originator: John Messenger
SilCom (A Microvitec Group Company)
>Release: 1.3 (release)
System: NetBSD www 1.3 NetBSD 1.3 (GENERIC_SCSI3) #0: Thu Jan 1 19:03:39 MET 1998 pk@flambard:/usr/src1/sys/arch/sparc/compile/GENERIC_SCSI3 sparc
It seems that the "upgrade" procedure does not alter the permissions of directories
even though the permissions in the new base.tgz are different from the ones in the
filesystem being upgraded. I could not run hack after upgrading from
1.2G to 1.3, because the modes of directories in /var were wrong (e.g.,
/var/games/hackdir was still mode 755 instead of 775. This relates to the fact that
dm now runs as setgid games instead of setuid games. Admittedly, during upgrade the
etc.tgz set is not extracted, and so one can't expect the mode of /var/games/hackdir/record
to be updated. But in base.tgz, the directories have the correct new modes, but when
installed by the upgrade script, these new modes are not transferred into the filesystem.
Take a 1.2G or earlier system and follow the upgrade procedure, booting from the
miniroot and using the automatic upgrade tools.
Not known how to fix.
Workaround is to manually list the distribution sets and then go round checking and
fixing the permissions on directories.