Date: Tue, 28 Jan 2025 14:29:12 GMT From: Mark Johnston <markj@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: c43ae7ab4bf8 - main - etcupdate: Restrict access to the conflicts directory Message-ID: <202501281429.50SETCck060178@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=c43ae7ab4bf89c2b274c1cbefe663c456e9211d1 commit c43ae7ab4bf89c2b274c1cbefe663c456e9211d1 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2025-01-28 14:23:06 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2025-01-28 14:23:06 +0000 etcupdate: Restrict access to the conflicts directory In the window during conflict resolution, copies of installed files with conflicts are added here with the default mode. Restrict access. PR: 277470 Reviewed by: philip, jhb, emaste Differential Revision: https://reviews.freebsd.org/D48576 --- usr.sbin/etcupdate/etcupdate.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/usr.sbin/etcupdate/etcupdate.sh b/usr.sbin/etcupdate/etcupdate.sh index 39d1f9e56a54..7bddd6593b56 100755 --- a/usr.sbin/etcupdate/etcupdate.sh +++ b/usr.sbin/etcupdate/etcupdate.sh @@ -1611,6 +1611,9 @@ EOF # Initialize conflicts and warnings handling. rm -f $WARNINGS mkdir -p $CONFLICTS + if ! chmod 0700 ${CONFLICTS}; then + panic "Unable to set permissions on conflicts directory" + fi # Ignore removed files for the pre-world case. A pre-world # update uses a stripped-down tree.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202501281429.50SETCck060178>