Open
Description
Download unix-privsec-check version 1.4 and open the file with an editor.
Go to the line 498.
-----------------------
world_can_read () {
O_MESSAGE_STACK=$1
O_FILE=$2
P=`ls -lLd $O_FILE | cut -c 8`
if [ "$P" = "w" ]; then
echo "WARNING: $O_MESSAGE_STACK World read is set for $O_FILE"
fi
}
------------
The world_can_read function check for the bit 'w' and not the bit 'r'.
This is wrong, because in this function we are checking for world readable and
not world writeable files or directories.
Regards,
R.
--
Roberto Martelloni \ boos
http://boos.core-dumped.info
Original issue reported on code.google.com by [email protected] on 21 Mar 2014 at 10:27