Thread: [Devil-linux-commit] build/scripts/scripts save-config,1.27,1.28

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/devil-linux/build/scripts/scripts
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32623/scripts/scripts

Modified Files:
	save-config 
Log Message:
- closed security hole where etc.tar.bz2 had the wrong permissions after
save-config (Heiko / Tim Tait)
- closed security hole where an ordinary user was allowed to mount the
configuration floppy


Index: save-config
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/scripts/save-config,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28

--- save-config	1 Apr 2004 01:56:21 -0000	1.27
+++ save-config	27 Apr 2004 13:39:35 -0000	1.28
@@ -140,12 +140,10 @@
 
 error=$?
 
-umount $CONFIG_MOUNT
-sync;sync;sync
-
 if [ $error -eq 141 ]; then
 	echo "media protected, configuration not saved"
 else
+	chmod 0600 $CONFIG_MOUNT/etc.tar.bz2
 	$SUCCESS
 	echo "Configuration saved"
 	$NORMAL
@@ -154,3 +152,6 @@
 	# useful for backing up the config elsewhere
 	[ -x /root/bin/post-save-config ] && /root/bin/post-save-config
 fi
+
+umount $CONFIG_MOUNT
+sync;sync;sync





Thread: [Devil-linux-commit] build/scripts/scripts save-config,1.27,1.28

devil-linux-commit