Subject: security/4882: 1.3 upgrade procedure fails to fix directory permissions
To: None <>
From: None <>
List: netbsd-bugs
Date: 01/24/1998 01:54:25
>Number:         4882
>Category:       security
>Synopsis:       After upgrading from 1.2G to 1.3, permissions on /var/games/hackdir were wrong.
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 23 18:05:00 1998
>Originator:     John Messenger
		SilCom (A Microvitec Group Company)
>Release:        1.3 (release)
System: NetBSD www 1.3 NetBSD 1.3 (GENERIC_SCSI3) #0: Thu Jan 1 19:03:39 MET 1998 pk@flambard:/usr/src1/sys/arch/sparc/compile/GENERIC_SCSI3 sparc

	It seems that the "upgrade" procedure does not alter the permissions of directories
	even though the permissions in the new base.tgz are different from the ones in the
	filesystem being upgraded.  I could not run hack after upgrading from
	1.2G to 1.3, because the modes of directories in /var were wrong (e.g., 
	/var/games/hackdir was still mode 755 instead of 775.  This relates to the fact that
	dm now runs as setgid games instead of setuid games.  Admittedly, during upgrade the 
	etc.tgz set is not extracted, and so one can't expect the mode of /var/games/hackdir/record
	to be updated.  But in base.tgz, the directories have the correct new modes, but when
	installed by the upgrade script, these new modes are not transferred into the filesystem.

	Take a 1.2G or earlier system and follow the upgrade procedure, booting from the
	miniroot and using the automatic upgrade tools.
	Not known how to fix.
	Workaround is to manually list the distribution sets and then go round checking and
	fixing the permissions on directories.