[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 3/3] tools: init scripts: make XEN_RUN_DIR and XEN_LOCK_DIR mode 700

These directories ought not to be even world-readable.  If this script
for some reason runs with a lax umask they might be created
overly-writeable.  Avoid any such bug by setting the mode explicitly.

Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
---
 tools/hotplug/Linux/init.d/xencommons.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/hotplug/Linux/init.d/xencommons.in 
b/tools/hotplug/Linux/init.d/xencommons.in
index aa62e4c92f..7fd6903b98 100644
--- a/tools/hotplug/Linux/init.d/xencommons.in
+++ b/tools/hotplug/Linux/init.d/xencommons.in
@@ -56,8 +56,8 @@ do_start () {
 
        for mod in $BACKEND_MODULES ; do modprobe "$mod" &>/dev/null ; done
 
-       mkdir -p ${XEN_RUN_DIR}
-       mkdir -p ${XEN_LOCK_DIR}
+       mkdir -m700 -p ${XEN_RUN_DIR}
+       mkdir -m700 -p ${XEN_LOCK_DIR}
        mkdir -p ${XEN_LOG_DIR}
 
        @XEN_SCRIPT_DIR@/launch-xenstore || exit 1
-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.