[packages/geninitrd] - rel 5; mount /run with 0755 (security issue)

arekm arekm at pld-linux.org
Tue Jun 7 08:49:40 CEST 2016


commit 95e49aad56e932f0d3fb191dba4d72af942d88ef
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Tue Jun 7 08:49:34 2016 +0200

    - rel 5; mount /run with 0755 (security issue)

 geninitrd-git.patch | 19 +++++++++++++++++++
 geninitrd.spec      |  2 +-
 2 files changed, 20 insertions(+), 1 deletion(-)
---
diff --git a/geninitrd.spec b/geninitrd.spec
index d45d8f8..ed1777b 100644
--- a/geninitrd.spec
+++ b/geninitrd.spec
@@ -7,7 +7,7 @@ Summary:	Creates an initial ramdisk image for preloading modules
 Summary(pl.UTF-8):	Narzędzie do tworzenia inicjalnego ramdysku używanego przy starcie systemu
 Name:		geninitrd
 Version:	12757
-Release:	4
+Release:	5
 License:	GPL
 Group:		Applications/System
 Source0:	%{name}-%{version}.tar.gz
diff --git a/geninitrd-git.patch b/geninitrd-git.patch
index 30660b5..0ee27c0 100644
--- a/geninitrd-git.patch
+++ b/geninitrd-git.patch
@@ -56,3 +56,22 @@ index 92a519d..771245e 100755
  			echo "DEVICE set to $device based on fstab entry from initrd gen time"
  		fi
  
+commit 583a7f5f8783fb1f92b75ca9f651d675df016b73
+Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
+Date:   Tue Jun 7 08:30:46 2016 +0200
+
+    Mount /run with 0755.
+
+diff --git a/geninitrd b/geninitrd
+index 771245e..62e47ee 100755
+--- a/geninitrd
++++ b/geninitrd
+@@ -273,7 +273,7 @@ mount_run() {
+ 	fi
+ 
+ 	run_mounted=yes
+-	echo "mount -t tmpfs run /run" | add_linuxrc
++	echo "mount -t tmpfs run /run -o mode=0755" | add_linuxrc
+ }
+ 
+ # unmount all mountpoints mounted by geninitrd
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/geninitrd.git/commitdiff/95e49aad56e932f0d3fb191dba4d72af942d88ef



More information about the pld-cvs-commit mailing list