[xen staging] tools: init scripts: make XEN_RUN_DIR and XEN_LOCK_DIR mode 700

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[xen staging] tools: init scripts: make XEN_RUN_DIR and XEN_LOCK_DIR mode 700

patchbot
commit 7b5278b28f8fbcd4402e4520d7a5d607d4a997a7
Author:     Ian Jackson <[hidden email]>
AuthorDate: Thu Feb 7 15:02:27 2019 +0000
Commit:     Wei Liu <[hidden email]>
CommitDate: Thu Feb 7 18:44:36 2019 +0000

    tools: init scripts: make XEN_RUN_DIR and XEN_LOCK_DIR mode 700
   
    These directories ought not to be even world-readable.  If this script
    for some reason runs with a lax umask they might be created
    overly-writeable.  Avoid any such bug by setting the mode explicitly.
   
    Signed-off-by: Ian Jackson <[hidden email]>
    Acked-by: Wei Liu <[hidden email]>
    Release-acked-by: Juergen Gross <[hidden email]>
---
 tools/hotplug/Linux/init.d/xencommons.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/hotplug/Linux/init.d/xencommons.in b/tools/hotplug/Linux/init.d/xencommons.in
index aa62e4c92f..7fd6903b98 100644
--- a/tools/hotplug/Linux/init.d/xencommons.in
+++ b/tools/hotplug/Linux/init.d/xencommons.in
@@ -56,8 +56,8 @@ do_start () {
 
  for mod in $BACKEND_MODULES ; do modprobe "$mod" &>/dev/null ; done
 
- mkdir -p ${XEN_RUN_DIR}
- mkdir -p ${XEN_LOCK_DIR}
+ mkdir -m700 -p ${XEN_RUN_DIR}
+ mkdir -m700 -p ${XEN_LOCK_DIR}
  mkdir -p ${XEN_LOG_DIR}
 
  @XEN_SCRIPT_DIR@/launch-xenstore || exit 1
--
generated by git-patchbot for /home/xen/git/xen.git#staging

_______________________________________________
Xen-changelog mailing list
[hidden email]
https://lists.xenproject.org/xen-changelog