From: Etienne CHAMPETIER Date: Thu, 16 Jun 2016 08:09:15 +0000 (+0000) Subject: make /var/{run, lock, state} not world writable (0755) X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=7104a2b149f0a870ec36ddff90b5f6a22c0d398d;p=project%2Fprocd.git make /var/{run, lock, state} not world writable (0755) since commit be950c5e56b86509e1e237931d0ac8203372be82 (09/03/2013) /var/{run,lock,state} are world writable (0777) which is a security issue before that they were created by /etc/init.d/boot with normal permissions (0755), so revert to that state Signed-off-by: Etienne CHAMPETIER --- diff --git a/initd/early.c b/initd/early.c index accfc1d..bf519f6 100644 --- a/initd/early.c +++ b/initd/early.c @@ -73,9 +73,9 @@ early_mounts(void) mount("tmpfs", "/tmp/shm", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOATIME, "mode=01777"); } - mkdir("/tmp/run", 0777); - mkdir("/tmp/lock", 0777); - mkdir("/tmp/state", 0777); + mkdir("/tmp/run", 0755); + mkdir("/tmp/lock", 0755); + mkdir("/tmp/state", 0755); umask(oldumask); }