Menu
▾
▴
[Devil-linux-commit] build/scripts/scripts save-config,1.27,1.28
|
From: Heiko Z. <smi...@us...> - 2004-04-27 13:39:44
|
Update of /cvsroot/devil-linux/build/scripts/scripts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32623/scripts/scripts Modified Files: save-config Log Message: - closed security hole where etc.tar.bz2 had the wrong permissions after save-config (Heiko / Tim Tait) - closed security hole where an ordinary user was allowed to mount the configuration floppy Index: save-config =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/scripts/save-config,v retrieving revision 1.27 retrieving revision 1.28 diff -u -d -r1.27 -r1.28 --- save-config 1 Apr 2004 01:56:21 -0000 1.27 +++ save-config 27 Apr 2004 13:39:35 -0000 1.28 @@ -140,12 +140,10 @@ error=$? -umount $CONFIG_MOUNT -sync;sync;sync - if [ $error -eq 141 ]; then echo "media protected, configuration not saved" else + chmod 0600 $CONFIG_MOUNT/etc.tar.bz2 $SUCCESS echo "Configuration saved" $NORMAL @@ -154,3 +152,6 @@ # useful for backing up the config elsewhere [ -x /root/bin/post-save-config ] && /root/bin/post-save-config fi + +umount $CONFIG_MOUNT +sync;sync;sync |
