Summary: | dev-db/aerospike-server-community: system executable owned by non-root user | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Orlitzky <mjo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | patrick |
Priority: | Normal | Keywords: | PMASKED |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Deadline: | 2021-01-17 |
Description
Michael Orlitzky
2017-08-31 01:48:00 UTC
Is this a Gentoo specific issue? it may be good to report upstream about this. Gentoo Security Padawan ChrisADR The ebuild does, fowners aerospike:aerospike /usr/bin/asd so it's probably not upstream. If /usr/bin/asd is still owned by a non-root user after deleting that line, then we can blame upstream. This should be a pretty easy issue to fix within two years =P ping... Package was treecleaned: commit 7a467253e33c4cd9d4b65cd6fb088fa69952b115 Author: Michał Górny <mgorny@gentoo.org> Date: Tue Jan 19 09:37:19 2021 +0100 dev-db/aerospike-server-community: Remove last-rited pkg Bug: https://bugs.gentoo.org/736050 Signed-off-by: Michał Górny <mgorny@gentoo.org> All versions unstable so all done here. |