Permission to /etc/burp are to wide, now are set to 775 but should be 755 (or even better, 700:) ). On hardened kernel I'm getting: [śro paź 7 13:46:43 2015] grsec: From 192.168.2.3: denied untrusted exec (due to file in group-writable directory) of /etc/burp/timer_script by /etc/burp/timer_script[burp:19803] uid/euid:106/106 gid/egid:111/111, parent /usr/sbin/burp[burp:19802] uid/euid:106/106 gid/egid:111/111 Reproducible: Always
Is there something I can do to help fix the bug?
Burp needs write access to this directory at least first time. The solution would be to move these scripts into different directory, e.g. somewhere in /usr/share or /usr/lib.
The easiest way is set more narrow permissons of directory /etc/burp. Moving scripts to /usr/share is also good idea but I think it's something which can be done in burp-2.x. Didi you consider to add masked ebuild for burp 2.X to the tree? With protocol=1 should be faster than burp-1.x (as we saw recently, with protocol=2 we can have data corruption in backup).
Burp needs this to be writeable. Easier would be to move these scripts out of /etc, actually.
Wrt burp-2.0 - no until upstream consider it stable. There's no point having a masked ebuild in the tree.
Fixed in burp-1.4.40-r3. I have moved scripts out of /etc. Permissions remain.
Thank you.