[arch-releng] [PATCH 1/1] limit access to cow directory
Gerardo Exequiel Pozzi
vmlinuz386 at gmail.com
Fri May 29 20:00:50 UTC 2015
On 05/29/2015 02:27 PM, Christian Hesse wrote:
> Christian Hesse <list at eworm.de> on Wed, 2015/05/06 10:12:
>> From: Christian Hesse <mail at eworm.de>
>>
>> Signed-off-by: Christian Hesse <mail at eworm.de>
>> ---
>> archiso/initcpio/hooks/archiso | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso
>> index fcfe820..b02d9f8 100644
>> --- a/archiso/initcpio/hooks/archiso
>> +++ b/archiso/initcpio/hooks/archiso
>> @@ -172,7 +172,7 @@ archiso_mount_handler() {
>> mkdir -p /run/archiso/cowspace
>> mount -t tmpfs -o "size=${cow_spacesize}",mode=0755
>> cowspace /run/archiso/cowspace fi
>> - mkdir -p "/run/archiso/cowspace/${cow_directory}"
>> + mkdir -p -m 0700 "/run/archiso/cowspace/${cow_directory}"
>>
>> _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs"
>> "/run/archiso/sfs/airootfs" if [[ -f
>> "/run/archiso/sfs/airootfs/airootfs.img" ]]; then
>
> Now that you merged my other patches... How about this one?
> I think not giving non-root users access to the cow directory is a good idea,
> no?
>
oops, I missed this one. Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-releng/attachments/20150529/95120949/attachment.asc>
More information about the arch-releng
mailing list