Re: git: a6ed8c959303 - main - Fix /root permissions after 'make installworld'
Date: Thu, 16 Nov 2023 13:21:53 UTC
On 11/16/23, Gordon Bergling <gbe@freebsd.org> wrote: > The branch main has been updated by gbe: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=a6ed8c9593031abf6fa73661be55c226caa362d6 > > commit a6ed8c9593031abf6fa73661be55c226caa362d6 > Author: Thomas Eberhardt <sneakywumpus@gmail.com> > AuthorDate: 2023-11-16 09:59:38 +0000 > Commit: Gordon Bergling <gbe@FreeBSD.org> > CommitDate: 2023-11-16 09:59:38 +0000 > > Fix /root permissions after 'make installworld' > > According to /etc/mtree/BSD.root.dist /root should have > 0750 permissions, but the build target 'make installworld' > changes these to 0755. > > This is caused by the installation of the configuration > files of sh(1) and csh(1). > > Correct this by specifying the correct default /root permissions. > > PR: 273342 > Reviewed by: jilles > Approved by: jilles > MFC after: 2 weeks > Differential Revision:https://reviews.freebsd.org/D42395 > --- > bin/csh/Makefile | 1 + > bin/sh/Makefile | 1 + > 2 files changed, 2 insertions(+) > > diff --git a/bin/csh/Makefile b/bin/csh/Makefile > index 1f996df3999b..94e1ba763d6e 100644 > --- a/bin/csh/Makefile > +++ b/bin/csh/Makefile > @@ -15,6 +15,7 @@ ROOTPACKAGE= csh > ETC= csh.cshrc csh.login csh.logout > ROOT= dot.cshrc dot.login > ROOTDIR= /root > +ROOTDIR_MODE= 0750 This is at best a total workaround, the real bug is that root dir gets modified to begin with and there will be other cases prone to cause the same problem. More importantly, is not this a regression from security pov? -- Mateusz Guzik <mjguzik gmail.com>