On Sun, 30 Oct 2005 13:16:29 +0100 Frans Pop wrote: > After installing 2.6.14 I noticed that the initrd created by yaird has > different permissions from all other initrds on my system. > > -rw------- 1 root root 1069831 2005-10-30 12:11 > initrd.img-2.6.14-1-686 > > All others have -rw-r--r--. Also all kernel images and config files > are world readable. > > If there is not a good reason for changing permissions, I feel that > yaird should be consistent with other tools in this respect.
First of all, I apologize for taking so long to respond to this. Thanks to Maximilian Attems for bringing it to my attention in bug#381677. yaird runs as root, and collects info from several places, some of which may be readable only as root. It then stores that collected info in a newly created file. As a precaution, this newly created file is created only accessible by root, so as to not accidentally leak info. This mostly works well. One situation that I am aware of is the use of ramdisks for diskless environments like lessdisks (see bug#336518 where access rights is also - lightly - discussed). I consider the tight permissions a feature, not a bug, but has left this bugreport open for the benefit of the doubt. Are you aware of any ill effects of the tight permissions, in addition to the already known one of tftp publication? If not, I suggest this bugreport into a wishlist request for support for optionally relaxing the permissions. - Jonas -- * Jonas Smedegaard - idealist og Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ - Enden er nær: http://www.shibumi.org/eoti.htm
pgppW09holbwI.pgp
Description: PGP signature
