| Message ID | 1466064555-112759-1-git-send-email-champetier.etienne@gmail.com |
|---|---|
| State | Accepted |
| Headers | show
Return-Path: <lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2001:1868:205::9])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
bits)) (No client certificate requested)
by ozlabs.org (Postfix) with ESMTPS id 3rVbgR6v1Mz9t15
for <incoming@patchwork.ozlabs.org>;
Thu, 16 Jun 2016 18:11:15 +1000 (AEST)
Authentication-Results: ozlabs.org;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=gmail.com header.i=@gmail.com header.b=lkdJyJsH;
dkim-atps=neutral
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
id 1bDSMy-00019V-90; Thu, 16 Jun 2016 08:09:44 +0000
Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243])
by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat
Linux)) id 1bDSMw-00018u-Et
for lede-dev@lists.infradead.org; Thu, 16 Jun 2016 08:09:43 +0000
Received: by mail-wm0-x243.google.com with SMTP id r5so9447629wmr.0
for <lede-dev@lists.infradead.org>;
Thu, 16 Jun 2016 01:09:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=from:to:cc:subject:date:message-id;
bh=md6Xs/+bvct73ewXiHPb/mufmNxjfNvLVbjrY3trX+8=;
b=lkdJyJsH+ZWr3UfCV/bY6ScIDb2fS87Ei4bPEO22i3Z01ki117PirJkmoiMaINoYf9
BODZr//VKGDW3HdOOIHJHqcYA4kvM70G6z88vvR2xXh7Jn3vzzPFCWspEQkOhagy1jo7
a0et0P/BcGJPwO3cUq6vIuiNuOAoeCA0HI1Mwj/T/3xHy8gERmyHaLituIqNmkuhBaGN
R9sSb8FHQ65fJea8HW9tH9Pj1dqR4dhrG8KItSHKRzPOtraxWPiHacMGoakEpC4ril0B
V9KdUpPdWOSeowlkxP/PCTjBLNhW5wRM6ZFdhFHvYCa4OLa5tJBk4hrEJGOjooYz2Ino
6Dmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:from:to:cc:subject:date:message-id;
bh=md6Xs/+bvct73ewXiHPb/mufmNxjfNvLVbjrY3trX+8=;
b=erLBhcRs4ICQRNqJ9On17v6W3Bfx2Ugnh1lKzVKQnmI8Ll1S9KJT90DiDsDvFNHC5j
srkD2BIKSV0nxmdS8MRTDveqdbm/7G3knYeYnvayhwIfu7cFteM/24r6kbLPrWlAE417
hMDfiXIenifz3ll74TBDp0OeGCNuUIAqg8ot0NLkv82w9b9LEAIOix2uZVCUvK3SOV6n
ifqy1T0/yncgVNCypjLlCnEgwBztTG1gCVuG09EklKcQ4TjC88fbtk4PqAYmBjdfOy0R
vamW1RU2kYQ2i5eGpFIvIiFi78F2lG0JTnHh2le2bLR2UK3pfkcUkF79fXoBPO+JkZTx
eO3w==
X-Gm-Message-State: ALyK8tLSnZoHJdA98YmQYgU3CN3t/i2MjvY5odtU5HDCeTsG7Fv0uzE0tYGzD4m/oSOS1Q==
X-Received: by 10.28.215.148 with SMTP id o142mr13408851wmg.72.1466064560530;
Thu, 16 Jun 2016 01:09:20 -0700 (PDT)
Received: from ubuntu1404.lxcnattst (ns623510.ovh.net. [5.135.134.9])
by smtp.gmail.com with ESMTPSA id
d137sm13555469wmd.12.2016.06.16.01.09.19
(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Thu, 16 Jun 2016 01:09:19 -0700 (PDT)
From: Etienne CHAMPETIER <champetier.etienne@gmail.com>
To: lede-dev@lists.infradead.org
Date: Thu, 16 Jun 2016 08:09:15 +0000
Message-Id: <1466064555-112759-1-git-send-email-champetier.etienne@gmail.com>
X-Mailer: git-send-email 1.9.1
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20160616_010942_659885_17504C69
X-CRM114-Status: UNSURE ( 7.53 )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -2.7 (--)
X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary:
Content analysis details: (-2.7 points)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
low
trust [2a00:1450:400c:c09:0:0:0:243 listed in] [list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (champetier.etienne[at]gmail.com)
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
Subject: [LEDE-DEV] [PATCH] make /var/{run, lock,
state} not world writable (0755)
X-BeenThere: lede-dev@lists.infradead.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: <lede-dev.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/lede-dev>,
<mailto:lede-dev-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/lede-dev/>
List-Post: <mailto:lede-dev@lists.infradead.org>
List-Help: <mailto:lede-dev-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/lede-dev>,
<mailto:lede-dev-request@lists.infradead.org?subject=subscribe>
Cc: Etienne CHAMPETIER <champetier.etienne@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Lede-dev" <lede-dev-bounces@lists.infradead.org>
Errors-To: lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
diff --git a/initd/early.c b/initd/early.c index accfc1d..bf519f6 100644 --- a/initd/early.c +++ b/initd/early.c @@ -73,9 +73,9 @@ early_mounts(void) mount("tmpfs", "/tmp/shm", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOATIME, "mode=01777"); } - mkdir("/tmp/run", 0777); - mkdir("/tmp/lock", 0777); - mkdir("/tmp/state", 0777); + mkdir("/tmp/run", 0755); + mkdir("/tmp/lock", 0755); + mkdir("/tmp/state", 0755); umask(oldumask); }
since commit be950c5e56b86509e1e237931d0ac8203372be82 (09/03/2013) /var/{run,lock,state} are world writable (0777) which is a security issue before that they were created by /etc/init.d/boot with normal permissions (0755), so revert to that state Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com> --- initd/early.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)