The seusers.local file is world writable
Issue
/etc/selinux/targeted/active/seusers.local
is world writable- Too loose permissions for
/etc/selinux/targeted/active/seusers.local
- With IPA, when a user logs in for the first time, the
seusers.local
file is created with0666
permissions /etc/selinux/targeted/active/seusers.local
follows current umask settings
Environment
- Red Hat Enterprise Linux 7
- libsemanage-2.5-5.1.el7_3
- Red Hat Enterprise Linux 6
- libsemanage
- IPA/sssd used for authentication
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.