[Devil-linux-commit] build/scripts/scripts save-config,1.23,1.23.2.1

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/devil-linux/build/scripts/scripts
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32544/scripts/scripts

Modified Files:
      Tag: rel-1-0-patches
	save-config 
Log Message:
- closed security hole where etc.tar.bz2 had the wrong permissions after
save-config (Heiko / Tim Tait)
- closed security hole where an ordinary user was allowed to mount the
configuration floppy


Index: save-config
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/scripts/save-config,v
retrieving revision 1.23
retrieving revision 1.23.2.1
diff -u -d -r1.23 -r1.23.2.1

--- save-config	18 Sep 2003 19:01:27 -0000	1.23
+++ save-config	27 Apr 2004 13:39:12 -0000	1.23.2.1
@@ -111,13 +111,16 @@
 
 error=$?
 
-umount $CONFIG_MOUNT
-sync;sync;sync
-
 if [ $error -eq 141 ]; then
 	echo "media protected, configuration not saved"
 else
+	chmod 0600 $CONFIG_MOUNT/etc.tar.bz2
+
 	$SUCCESS
 	echo "Configuration saved"
 	$NORMAL
 fi
+
+umount $CONFIG_MOUNT
+sync;sync;sync
+



