[arch-releng] [PATCH 1/1] limit access to cow directory
Christian Hesse
list at eworm.de
Fri May 29 17:27:51 UTC 2015
Christian Hesse <list at eworm.de> on Wed, 2015/05/06 10:12:
> From: Christian Hesse <mail at eworm.de>
>
> Signed-off-by: Christian Hesse <mail at eworm.de>
> ---
> archiso/initcpio/hooks/archiso | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso
> index fcfe820..b02d9f8 100644
> --- a/archiso/initcpio/hooks/archiso
> +++ b/archiso/initcpio/hooks/archiso
> @@ -172,7 +172,7 @@ archiso_mount_handler() {
> mkdir -p /run/archiso/cowspace
> mount -t tmpfs -o "size=${cow_spacesize}",mode=0755
> cowspace /run/archiso/cowspace fi
> - mkdir -p "/run/archiso/cowspace/${cow_directory}"
> + mkdir -p -m 0700 "/run/archiso/cowspace/${cow_directory}"
>
> _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs"
> "/run/archiso/sfs/airootfs" if [[ -f
> "/run/archiso/sfs/airootfs/airootfs.img" ]]; then
Now that you merged my other patches... How about this one?
I think not giving non-root users access to the cow directory is a good idea,
no?
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];)
putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-releng/attachments/20150529/cfd809ee/attachment.asc>
More information about the arch-releng
mailing list