search for: suidmanag

Displaying 8 results from an estimated 8 matches for "suidmanag".

Did you mean: suidmanager
2012 Feb 23
0
Announce: Puppet 2.6.14 Available [security update]
...). (#12460) Klogin type will write to untrusted locations (write through symlinks) # Details # CVE-2012-1053 GID Issues (#12457, #12458, #12459) [ Medium ] #12457 - Real gid always present in supplementary groups Overview =================================================== In Puppet::Util::SUIDManager, Puppet tries to re-init the supplementary groups in the "initgroups" method. At lib/puppet/util/suidmanager.rb:148, it reads: Process.initgroups(Etc.getpwuid(user).name, Process.gid) Since the real gid is probably root, this always adds the gid "0" to the list of sup...
1998 Apr 28
0
[Debian 2.0] /usr/bin/suidexec gives root access
Executive summary: /usr/bin/suidexec gives every user a root shell. Remove it. tlr ----- Forwarded message from Thomas Roessler <roessler@guug.de> ----- Date: Tue, 28 Apr 1998 15:21:17 +0200 From: Thomas Roessler <roessler@guug.de> Subject: suidmanager: SECURITY BREACH: /usr/bin/suidexec gives root access to every user on the system To: submit@bugs.debian.org Package: suidmanager Version: 0.18 [This report also goes to the bugtraq mailing list.] /usr/bin/suidexec will execute arbitrary commands as root, as soon as just _one_ suid root shell...
2010 Jul 16
5
2.6.0rc3 ssh_authorized_users/parsed.rb
...ucketing is (still) being done with euid set to the user that owns the authorized_keys file, which means it fails since a normal user could never write to /var/lib/puppet. I don''t know enough ruby to be more detailed than that. The original line 64 in the file above is: Puppet::Util::SUIDManager.asuser(@resource.should(:user)) { super } The equivalent line didn''t work in 0.25.4 or 0.25.5 and it still doesn''t work in 2.6.0rc3 (RHEL5.5, rpm from tmz.fedoraproject.org). If I replace line 64 with the following line, it all works nicely. Of course, the real problem is tha...
2007 Apr 23
8
exec resources
I am consistently getting the following error from puppetd when an exec resource is triggered by a refresh event: Apr 23 10:36:11 mailhub puppetd[37884]: Reopening log files Apr 23 10:36:11 mailhub puppetd[37884]: Starting Puppet client version 0.22.3 Apr 23 10:36:11 mailhub puppetd[37884]: Starting configuration run Apr 23 10:36:12 mailhub puppetd[37884]:
2006 Dec 07
9
Exec as another user
I''m running puppetd as root and I''m trying to execute tar as the "puppetd" user 59 define untar ( $source, $dest, $creates, $user = "puppetd" ) { 60 exec { "tar -xzf $source" : 61 cwd => $dest, 62 path => "/bin:/usr/bin", 63 user => $user, 64 creates => $creates,
2006 Dec 01
1
Packages build for Solaris ? As CSW packages ?
...rtificates/certificate.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/sslcertificates/inventory.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/sslcertificates.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/statechange.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/storage.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/suidmanager.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/transaction ./opt/csw/lib/ruby/site_ruby/1.8/puppet/transaction/report.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/transaction.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/transportable.rb ./opt/csw/lib/ruby/site_ruby/1.8/puppet/type ./opt/csw/lib/ruby/site...
2011 Jul 06
7
Issue with puppet file serving api not parsing yaml content correctly
I am working on building a facter tag based node classifier similar to https://github.com/jordansissel/puppet-examples/tree/master/nodeless-puppet/. However, I have run into an issue where I cannot use puppet''s require file ability to push the yaml file containing the facts file to the client because it would require two runs of puppet to pickup changes. Consequently, I have written into
2010 Aug 25
18
Puppet hangs
Hello, we have one puppet server managing approx servers, all FreeBSD. The problem is that the puppet clients all hangs, one by one, eventually. They will run for anything between an hour up to a week. But eventually the all hang. We really like puppet and want to keep using it. But the way it is now is completely unusable. We''ve tried many versions, from 24.x, and now 2.6.1rc1. But