proposed /sbin/init permission change
Luigi Rizzo
rizzo at icir.org
Wed Feb 22 00:56:02 PST 2006
objections to this change to /sbin/init/Makefile
so that /sbin/init is installed with normal (555) modes ?
Using mode 500 makes it unreadable from nfs-exported
filesystems (as those that one can use in a diskless environment).
There is no privacy issue with the content of /sbin/init
to justify making it unreadable, and the first two lines
if (getuid() != 0)
errx(1, "%s", strerror(EPERM));
prevent non-root execution anyways.
BTW this would apply to -stable as well.
I have already made this request multiple times over time
(i think the first time was back in 1999 when i started
working with diskless environments) with no answer.
cheers
luigi
> cvs diff -u Makefile
Index: Makefile
===================================================================
RCS file: /home/ncvs/src/sbin/init/Makefile,v
retrieving revision 1.32
diff -u -r1.32 Makefile
--- Makefile 11 Jan 2005 14:34:29 -0000 1.32
+++ Makefile 22 Feb 2006 08:55:02 -0000
@@ -4,7 +4,6 @@
PROG= init
MAN= init.8
MLINKS= init.8 securelevel.8
-BINMODE=500
PRECIOUSPROG=
INSTALLFLAGS=-b -B.bak
WARNS?= 6
More information about the freebsd-current
mailing list