aboutsummaryrefslogtreecommitdiffstats
path: root/main/rsyslog
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2015-07-08 09:20:58 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2015-07-08 09:21:49 +0000
commit3cb5210cdac46fb8805d4028df16f5889f393a09 (patch)
treec3801ac6f16d49f6cbe45436fbc81701b17ecc32 /main/rsyslog
parent2e69cac04a8d64d5065c248eb6fd078000434e17 (diff)
downloadaports-3cb5210cdac46fb8805d4028df16f5889f393a09.tar.bz2
aports-3cb5210cdac46fb8805d4028df16f5889f393a09.tar.xz
main/rsyslog: fix default permissions (CVE-2015-3243)
ref #4406
Diffstat (limited to 'main/rsyslog')
-rw-r--r--main/rsyslog/APKBUILD8
-rw-r--r--main/rsyslog/rsyslog.conf7
2 files changed, 11 insertions, 4 deletions
diff --git a/main/rsyslog/APKBUILD b/main/rsyslog/APKBUILD
index d336a6864d..e934e30cd2 100644
--- a/main/rsyslog/APKBUILD
+++ b/main/rsyslog/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: cbanta@gmail.com
pkgname=rsyslog
pkgver=8.9.0
-pkgrel=1
+pkgrel=2
pkgdesc="Enhanced multi-threaded syslogd with database support and more."
url="http://www.rsyslog.com/"
arch="all"
@@ -100,20 +100,20 @@ md5sums="b9e10a3ea9d52b4fa9bbbf540d313970 rsyslog-8.9.0.tar.gz
67b8afd572b4103b39b54a729b880b53 rsyslog.initd
0a0aef98f677364e6178c34274df7723 rsyslog.confd
bc43debc9ffdf66bc1409025fd3d1176 rsyslog.logrotate
-65fbf5a7a81a53a70974e3085e96cb41 rsyslog.conf
+ea6f8af41d13c4278bb7788e715f2372 rsyslog.conf
05a0995f5cbe241720aaf6b149860286 musl-fix.patch
aafafdf4502f5e4de5fcfebd21499700 gnutls-3.4.0.patch"
sha256sums="eab00e8e758cd9dd33b3e2cf6af80297d1951dc7db37bd723a6488a35d577adc rsyslog-8.9.0.tar.gz
223d4bdb69760ef5a9a044d68434c805cd15e31fa190a86f5f283912d0baf6d6 rsyslog.initd
c476c2180fcceaf581d26d2da6201fbe7a2b9fc89c58456fdb3bdaf18a4cbb56 rsyslog.confd
f0effc19bd1f1bfa367d65d6516c73509cb34545157b9e91cf6e437685dd3fe5 rsyslog.logrotate
-559a8221d2ef9376a77e08de05206f3d2214a81fa88649f5bca2a1207f8918c5 rsyslog.conf
+05bc12785e418db424d6b29133a2e44c3422953a5bc5850e4881baa5726fdbce rsyslog.conf
feda2d9ca6c788e375116b6c43b6c4ac5debe83dab0efcfc9a47216c9af36599 musl-fix.patch
540530796fd535889ef1a1741ad06e3a0ab4441247396f89ebb06010ce9c102e gnutls-3.4.0.patch"
sha512sums="942cccc2cbe147572cc2d346ac330d80c86915757b2b7a380829f0b40294d7e4afd4887d5066821af1e059cd78cdb38520fc9d28b55daa7afcd0e5b2e6bd9a5d rsyslog-8.9.0.tar.gz
9a4b184076a82e0899da79ab3749e1c67eac03f36c4460d34ed0385f4a3ffad53681a1cc25dd514e835c9399a9abd01c235743535ad549d5be7f66d9e127b9dc rsyslog.initd
c216674e6867d655c2c09b6205071591ae2b1611ad5dd0346e682733abafa8a1be261fdd9bb985bb5d05d5bfa708a68262b1a94e654a2c18d352fd02d6f950a3 rsyslog.confd
d54377ddf39197656811a84272568ea761f984e19dd04fc54f372dd04a9244e66d02b26ab33073d0344d054f031660ec611f3c7a18c266e7b68cef5e2c47f06f rsyslog.logrotate
-032ccce1850bc89fb37b4b23f1607ce73086ff2b057838a1b83e36751ee0412c537fc0c9cbc2c6e8098311e6a04569c7fc7f7dea80111e8c8623b3b0cc3cccd1 rsyslog.conf
+5163bdd7612c3c407a7d42106ef52ff64f2051afb683d6d7fda26a22591c8cc2e787c1d7baebd563fc48a7ff1fe5b6046952c1d32c28949059ded04b4ecd0bbb rsyslog.conf
d5f16d624b40fcd68f689bb65cfad8f537b35f3d7f9c4453c472b21437964442baf0846b3658a6cdd2e0d44b60085140deffc68cf9e3c460bcc5db40cf142ee1 musl-fix.patch
b0e2fc464c840211acef0da481fed5eb594d5bee62672fbccf379efcf3f88c3acee5efd8c51671508feaf2edacd05426766577c94e733479a90a58f68f4fc8a4 gnutls-3.4.0.patch"
diff --git a/main/rsyslog/rsyslog.conf b/main/rsyslog/rsyslog.conf
index 19187467b3..38d0e4b73a 100644
--- a/main/rsyslog/rsyslog.conf
+++ b/main/rsyslog/rsyslog.conf
@@ -6,6 +6,13 @@ $ModLoad immark.so # provides --MARK-- message capability
$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)
$ModLoad imklog.so # kernel logging (formerly provided by rklogd)
+# default permissions for all log files.
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
# Include configuration files from directory
$IncludeConfig /etc/rsyslog.d/*