mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-28 12:57:57 +00:00
Code Issues Releases Wiki Activity

security: change CR_FD_PERM from rw-rw-r-- to rw-r--r--

Browse Source 
This makes only root to be able to modify images by default.
When using criu with suid bit set, group of the images is set
to user group, which is not safe, considering current CR_FD_PERM.

Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This commit is contained in:
Ruslan Kuprieiev 2014-09-16 13:34:00 +04:00 committed by Pavel Emelyanov
parent 8f2cb6b227
commit ada4664429
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/crtools.h
View File

@ -7,7 +7,7 @@
#include "asm/types.h"
#include "servicefd.h"
#define CR_FD_PERM (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH)
#define CR_FD_PERM (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)
extern int check_img_inventory(void);
extern int write_img_inventory(void);