[Pkg-zope-developers] Bug#313621: Local Secuirity Bag? was [Re: Bug#313621: Minor error in script mkzope2.7instance]
Dmitry E. Oboukhov
"Dmitry E. Oboukhov" <dimka@uvw.ru>, 313621@bugs.debian.org
Tue, 14 Jun 2005 23:17:11 +0400
what next
> > uvw.ru:[/home/dimka]# ls -l /tmp|grep demo-mkzope
> > drwxr-x--- 9 root root 4096 2005-06-14 21:07 demo-mkzope2.7instance
> > ^^^^^^^^^
>
> Can you please provide the output of
>
> ls -lR /tmp/demo-mkzope2.7instance
>
> as root?
>
> Thanks,
ls -lR /tmp/demo-mkzope2.7instance
/tmp/demo-mkzope2.7instance:
итого 36
drwxr-xr-x 2 zope zope 4096 2005-06-14 22:32 bin
drwxr-xr-x 2 zope zope 4096 2005-06-14 22:32 etc
drwxr-xr-x 2 zope zope 4096 2005-06-14 22:32 Extensions
drwxr-xr-x 2 zope zope 4096 2005-06-14 22:32 import
-rw-r--r-- 1 root root 40 2005-06-14 22:32 inituser
^^^^^^^^^^
subj! Problem:
all users readable this file,
file contain hash for password administrator
I whrile small cgi-script and crack/hack site (zope) (theoretically ;))
PS: sorry my bad english!
~~~~~~~~~~~~~~~~~~~~~~~~~
PPS: I must register this BUG?